OT Cybersecurity Risk Increasingly Handled by Executive Leadership, Says Fortinet

A new global report from Fortinet, the 2025 State of Operational Technology and Cybersecurity Report, indicates a significant shift in responsibility for OT cybersecurity, with executive leadership taking on a more prominent role. The findings highlight current trends in OT security and suggest areas for ongoing improvement in securing IT/OT threat landscapes.

The report reveals that more than half (52%) of organizations now report that the CISO/CSO is responsible for OT, a notable increase from 16% in 2022. For all C-suite roles, this responsibility has surged to 95% from 41% in 2022. Additionally, the number of organizations planning to move OT cybersecurity under the CISO within the next 12 months has risen from 60% to 80% in 2025.

Nirav Shah, Senior Vice President, Products and Solutions, at Fortinet, commented on these trends, saying, “The seventh installment of the Fortinet State of Operational Technology and Cybersecurity Report shows that organizations are taking OT security more seriously. We see this trend reflected in a notable increase in the assignment of responsibility for OT risk to the C-suite, alongside an uptick in organizations self-reporting increased rates of OT security maturity,”. He added, “Alongside these trends, we’re seeing a decrease in the impact of intrusions in organizations that prioritize OT security. Everyone from the C-suite on down needs to commit to protecting sensitive OT systems and allocating the necessary resources to secure their critical operations.”

The report notes progress in self-reported OT security maturity. At the basic Level 1, 26% of organizations report establishing visibility and implementing segmentation, up from 20% in the previous year. The majority of organizations now indicate their security maturity is at Level 2, focusing on access and profiling.

A correlation was found between higher security maturity levels and fewer attacks, or a better ability to manage less sophisticated threats like phishing. While nearly half of organizations still experienced impacts from intrusions, the overall impact is declining, with a significant reduction in revenue-affecting operational outages, which dropped from 52% to 42%. The report also suggests that some advanced tactics, such as advanced persistent threats (APT) and OT malware, may go undetected by less mature organizations lacking appropriate security solutions.

The adoption of cybersecurity best practices, including basic cyber hygiene and improved training and awareness, appears to be having a positive effect, with a notable decrease in business email compromise. Incorporating threat intelligence also saw a spike to 49% since 2024. Furthermore, the report identified a significant decrease in the number of OT device vendors used by organizations, with 78% now using only one to four vendors, indicating vendor consolidation as a best practice for maturity and operational efficiency.

Fortinet’s report offers several best practices to enhance OT security postures:

• Establish Visibility and Compensating Controls: Organizations need to understand and monitor their OT networks. This includes protecting critical and vulnerable devices with specialized controls like protocol-aware network policies, system-to-system interaction analysis, and endpoint monitoring.
• Deploy Segmentation: Creating network zones or segments with strong network policy controls at all access points is crucial for a robust OT environment, aligning with standards like ISA/IEC 62443.
• Integrate OT into Security Operations (SecOps) and Incident Response Planning: OT environments have unique characteristics that require specific consideration in SecOps and incident response plans. Developing playbooks that incorporate OT environments can foster collaboration across IT, OT, and production teams and ensure proper awareness and resource allocation from the CISO.
• Consider a Platform Approach to Security Architecture: A unified security platform with capabilities for both IT and OT environments can help consolidate vendors, simplify architecture, improve security efficacy, and enable centralized management for better efficiency and automated threat responses.
• Embrace OT-Specific Threat Intelligence and Security Services: OT security benefits from timely awareness and precise analytical insights into risks. Security platforms should apply AI-powered threat intelligence for near-real-time protection and ensure threat intelligence feeds include robust, OT-specific information.

The Fortinet 2025 State of Operational Technology and Cybersecurity Report surveyed over 550 OT professionals globally, spanning various industries and locations. Most respondents were deeply involved in cybersecurity purchasing decisions and/or held responsibility for OT operations.