shotsstudio - stock.adobe.com
OT security a channel opportunity
Research and anecdotal experiences of those working across the channel all point to operational technology being an area that needs to be secured by partners
Even before Fortinet shared its operational (OT) security report, the channel had been advising customers to improve their defences around the technology.
The security vendor’s State of operational technology and cybersecurity report underlined the growing awareness among customers of the need to widen their security net to encompass all parts of the business.
Fortinet’s study indicated that OT security was now a board issue for many customers, and the pressure was on chief information security officers to improve visibility and segmentation of those environments.
“[The report] shows organisations are taking OT security more seriously,” said Nirav Shah, senior vice-president of products and solutions at Fortinet. “We see this trend reflected in a notable increase in the assignment of responsibility for OT risk to the C-suite, alongside an uptick in organisations self-reporting increased rates of OT security maturity.
“Alongside these trends, we’re seeing a decrease in the impact of intrusions in organisations that prioritise OT security,” he added. “Everyone from the C-suite down needs to commit to protecting sensitive OT systems and allocating the necessary resources to secure their critical operations.”
The vendor found that when security best practices, including cyber hygiene and better training and awareness, were expanded to cover OT environments, there was a positive impact.
The vendor advised more visibility of OT assets, segmentation to be deployed with access policies and to integrate OT into broader SecOps.
Making a difference
Patrick Scholl, head of OT at Infinigate Group, said the pressure on customers to improve security around legacy environments spelled a chance for the channel to make a difference.
“OT environments are now legally required to meet strict security standards, but while IT security has matured over the decades, OT security is still in its infancy,” he said. “As regulatory scrutiny intensifies and industrial environments become more connected, organisations will need support with compliance and untangling the web of complexity behind OT security.
“As a result, OT security is set to become the next revenue opportunity for channel partners that position themselves as a key resource for customers scrambling to meet compliance demands,” said Scholl.
Others across the channel have also recognised the need for improved protection around OT environments. Speaking to MicroScope recently, Hayley Roberts, CEO of Distology, explained the risks some customers were starting to wrestle with.
“Operational technology security [has] been around for a long time, where you’ve got a lot of manufacturing businesses who are looking to go online or digitise, and of course, there’s a huge amount of vulnerability there,” she said. “So, it’s those older school businesses suddenly going into the digital age and then realising, ‘Am I exposing myself and my business practices to vulnerabilities and to the internet?’”
OT is one of the main areas Distology is focusing on, in recognition of the opportunity it poses as an area for security distributors and partners.
“One of the things that we did want to do is look at where we’re crafting and growing,” added Roberts. “Workplace is one of our areas, which is really to do with identity and end point security, and then you’ve got other areas such as security operations, cyber security operations and OT.”
To read more of Scholl’s thoughts about why OT is a growing channel opportunity, click here.
