Fortinet, the cybersecurity provider driving the convergence of networking and security, has announced new and enhanced products and services for operational technology (OT) environments as an expansion of the Fortinet Security Fabric for OT.
Fortinet enables organisations to build a platform of integrated solutions to mitigate cyber risk across OT and IT environments effectively. Fortinet's OT solutions are natively integrated across the Fortinet Security Fabric to enable seamless IT/OT convergence and connectivity. This helps improve visibility and real-time response across the entire attack surface and empowers security operations centre (SOC) teams to become more efficient and effective in their time to respond across factories, plants, remote locations, and vehicles.
“Operational technology environments are more connected to the cloud and their supply chains than ever before, which has created a huge opportunity for cyber attackers. Traditional information security products are not well suited for cyber-physical security. The Fortinet Security Fabric for OT is specifically designed for operational technology, and we’re pleased to introduce additional cyber-physical security capabilities to protect these environments,” says John Maddison, EVP of products and CMO, Fortinet.
As more industrial environments increase connectivity with external and internal applications, devices, and corporate IT networks, the attack surface grows exponentially, exposing critical OT assets to increasingly advanced and destructive threats.
The 2022 Fortinet State of Operational Technology and Cybersecurity Report found that 93% of organisations had one or more security intrusions in the past year, with 61% affecting OT systems. Security breaches can disrupt critical infrastructure, resources, and services that support everything from local communities to entire nations. Thus, organisations must prioritise securing their OT environments by integrating tools and practices to help alleviate security risks that may arise from a lack of visibility and real-time response.
The newly released specialised products include FortiGate 70F Rugged Next-Generation Firewall (NGFW). It is the latest addition to Fortinet's rugged portfolio designed for harsh environments and features a new compact design with converged networking and security capabilities on a single processor. The 70F has FortiGuard AI-powered enterprise-grade security services. It delivers complete coverage for content, web and device security with dedicated OT and IoT services natively integrated with SD-WAN, universal zero trust network access (ZTNA), and LAN edge controllers. In addition, 5G support is available through an integration with FortiExtender.
Another is FortiDeceptor.
Fortinet's deception technology for early breach detection and attack isolation is now available as an industrially hardened rugged appliance – the FortiDeceptor Rugged 100G – for harsh industrial environments.
FortiDeceptor (appliance and VM) also provides new OT/Internet of Things (IoT)/IT decoys to support diverse environments. In addition, to combat emerging threats and vulnerabilities, FortiDeceptor now enables the on-demand creation of deception decoys based on newly discovered vulnerabilities or suspicious activity, providing automated, dynamic protection across OT/IoT/IT environments.
The third product is FortiPAM Privileged Access Management for Secure Remote Access. It offers enterprise-grade privileged access management for both IT and OT ecosystems. It includes secure remote access to critical assets regulated and monitored through workflow-based access approvals and session video recording. FortiPAM also supports secure file exchange and a password vault to manage and keep all credentials secret. In addition, it supports integration with FortiClient, FortiAuthenticator, and FortiToken to enable ZTNA, single sign-on, and multi-factor authentication.
Meanwhile, Fortinet has also announced new enhancements providing SOC teams with faster time to respond in OT and IT environments.
These include FortiSIEM unified security analytics dashboards, which now include event correlation and mapping of security events to the Purdue Model. It also has built-in parsers for OT security solutions, a MITRE ATT&CK for industrial control system (ICS) dashboard for OT-specific threat analysis, and support for data-diode technologies.
FortiSOAR now offers features to reduce alert fatigue and enable security automation and orchestration across IT and OT environments. Features include IT/OT dashboards mapped to the Purdue Model hierarchy, OT-specific playbooks for threat remediation, MITRE ATT&CK for ICS for threat analysis, and enhanced integration and connectors for OT threat intelligence.
FortiGuard Industrial Security Service now includes over 2,000 application control signatures for OT applications and protocols supporting deep packet inspection. The service also provides intrusion prevention signatures for over 500 known ICS vulnerabilities, so vulnerable assets can be virtually patched using FortiGate's next-generation intrusion prevention system.
Fortinet has also announced new OT specialised assessments and readiness services to stay ahead of threats.
These include the Fortinet cyber threat assessment program (CTAP) for OT, which validates OT network security effectiveness and application flows and includes expert guidance, enabling organisations to improve the security posture of their OT environments.
In addition, OT tabletop exercises for OT security teams are led by FortiGuard Incident Response team facilitators with expertise in threat analysis, mitigation, and incident response. The exercises help OT security teams identify security gaps through real-world OT attack scenarios to test an organisation's incident response plan.
“This announcement builds on Fortinet’s long-time support for OT customers with solutions specifically designed for cyber-physical security as part of the Fortinet Security Fabric for OT. This includes more than 500 technology integrations with over 300 Fabric-Ready Technology Alliance partners, FortiGuard Labs threat intelligence, and enhanced security operations management as organisations expand their IT/OT network operations centre (NOC) and SOC capabilities,” concludes Maddison.