Fortinet, the global cybersecurity leader driving the convergence of networking and security, today announced new and enhanced products and services for operational technology (OT) environments as an expansion of the Fortinet Security Fabric for OT. Fortinet allows organisations to build a platform of integrated solutions to effectively mitigate cyber risk across OT and IT environments.

Operational technology environments are more connected to the cloud and their supply chains than ever before, which has created a huge opportunity for cyberattackers. Traditional information security products are not well suited for cyber-physical security. The Fortinet Security Fabric for OT is specifically designed for operational technology, and we’re pleased to introduce additional cyber-physical security capabilities to protect these environments. — John Maddison, executive vice president of products and chief marketing officer at Fortinet

The state of OT security

As more industrial environments increase connectivity with external and internal applications, devices and corporate IT networks, the attack surface grows exponentially, exposing critical OT assets to increasingly advanced and destructive threats. The 2022 Fortinet State of Operational Technology and Cybersecurity Report found that 93% of organisations had one or more security intrusions in the past year, with 61% of intrusions affecting OT systems. Security breaches have the potential to disrupt critical infrastructure, resources and services that support everything from local communities to entire nations. Organisations must prioritise securing their OT environments by integrating tools and practices to help alleviate security risks that may arise from lack of visibility and real-time response.

Securing OT environments with the Fortinet Security Fabric for OT

Highlighting its commitment to OT security, Fortinet has released new and enhanced products and services to help organisations better protect their OT environments. Fortinet’s OT solutions are natively integrated across the Fortinet Security Fabric to seamlessly enable IT/OT convergence and connectivity. This helps improve visibility and real-time response across the entire attack surface and empowers security operations centre (SOC) teams to become more efficient and effective in their time to respond across factories, plants, remote locations and vehicles.

New specialised products include:

FortiGate 70F Rugged Next-Generation Firewall (NGFW) is the latest addition to Fortinet’s rugged portfolio designed for harsh environments and features a new compact design with converged networking and security capabilities on a single processor. The 70F has FortiGuard AI-powered enterprise-grade security services and delivers complete coverage for content, Web and device security with dedicated OT and IoT services that are natively integrated with SD-WAN, universal zero-trust network access (ZTNA) and LAN edge 5G support is also available through an integration with FortiExtender.
FortiDeceptor, Fortinet’s deception technology for early breach detection and attack isolation, is now available as an industrially hardened rugged appliance – the FortiDeceptor Rugged 100G – for harsh industrial environments. FortiDeceptor (both appliance and VM) also provides new OT/IoT/IT decoys to support diverse environments. To combat emerging threats and vulnerabilities, FortiDeceptor also now enables on-demand creation of deception decoys based on newly discovered vulnerabilities, or suspicious activity, providing automated, dynamic protection across OT/IoT/IT environments.
FortiPAM, or Privileged Access Management for Secure Remote Access, offers enterprise-grade privileged access management for both IT and OT ecosystems. It includes secure remote access to critical assets regulated and monitored through workflow-based access approvals and session video recording. FortiPAM also supports secure file exchange and a password vault to manage all credentials and keep them secret. It supports integration with FortiClient, FortiAuthenticator and FortiToken to enable ZTNA, single sign-on and multi-factor authentication.

New enhancements providing SOC teams with faster time to response in OT and IT environments include:

FortiSIEM unified security analytics dashboards now include event correlation and mapping of security events to the Purdue Model. It also includes built-in parsers for OT security solutions, a MITRE ATT&CK for ICS (industrial control system) dashboard for OT-specific threat analysis, and support for data-diode technologies.
FortiSOAR now offers features to reduce alert fatigue and enable security automation and orchestration across IT and OT environments. Features include IT/OT dashboards mapped to the Purdue Model hierarchy, OT-specific playbooks for threat remediation, MITRE ATT&CK for ICS for threat analysis, and enhanced integration and connectors for OT threat intelligence.
FortiGuard Industrial Security Service now includes more than 2 000 application control signatures for OT applications and protocols that support deep packet inspection. The service also includes intrusion prevention signatures for over 500 known ICS vulnerabilities, so vulnerable assets can be virtually patched using FortiGate’s next-generation intrusion prevention system.

New OT specialised assessments and readiness services to stay ahead of threats include:

Fortinet Cyber Threat Assessment Program (CTAP) for OT validates OT network security effectiveness and application flows, and includes expert guidance, enabling organisations to improve the security posture of their OT environments.
OT Tabletop Exercises for OT Security Teams are led by FortiGuard Incident Response team facilitators with expertise in threat analysis, mitigation and incident response. The exercises help OT security teams identify security gaps through a series of real-world OT attack scenarios to test an organisation’s incident response plan.

An Integrated approach to OT security

Today’s announcement builds on Fortinet’s long-time support for OT customers with solutions specifically designed for cyber-physical security as part of the Fortinet Security Fabric for OT. This includes more than 500 technology integrations with over 300 Fabric-Ready Technology Alliance partners, FortiGuard Labs threat intelligence and enhanced security operations management as organisations expand their IT/OT network operations centre (NOC) and SOC capabilities.