Fortinet: Protecting Manufacturing Uptime From OT Threats

As production lines become increasingly digitised and operational technology (OT) networks expand their device connectivity, manufacturers face growing cybersecurity challenges.

Factory systems that once operated in isolation are now connected, creating vulnerabilities that expose industrial control systems to cyber threats capable of disrupting production and compromising workplace safety.

Fortinet's 2025 State of Operational Technology and Cybersecurity Report reveals how manufacturers are responding to this converged threat environment through elevated executive accountability and strategic approaches combining visibility, segmentation and AI-powered detection.

“The seventh instalment of the Fortinet State of Operational Technology and Cybersecurity Report shows that organisations are taking OT security more seriously,” says Nirav Shah, Senior Vice President, Products and Solutions at Fortinet.

“We see this trend reflected in a notable increase in the assignment of responsibility for OT risk to the C-suite, alongside an uptick in organisations self-reporting increased rates of OT security maturity. 

“Alongside these trends, we’re seeing a decrease in the impact of intrusions in organisations that prioritise OT security. 

“Everyone from the C-suite on down needs to commit to protecting sensitive OT systems and allocating the necessary resources to secure their critical operations.”

OT security

The convergence of IT and OT systems has fundamentally altered how manufacturers approach cybersecurity.

Traditional air-gapped factory environments no longer exist in most facilities, replaced by interconnected ecosystems where programmable logic controllers (PLCs) and supervisory control and data acquisition (SCADA) systems link directly to enterprise networks.

This integration supports digital transformation initiatives but simultaneously introduces attack vectors that threat actors actively exploit.

Fortinet's research indicates a significant behavioural shift across OT-intensive industries, with manufacturing leading this transformation.

More than half (52%) of organisations now assign direct OT responsibility to the Chief Information Security Officer or Chief Security Officer, a dramatic increase from just 16% in 2022.

When considering all C-suite roles involved in OT oversight, that figure reaches 95%.

“Responsibility for OT security continues to elevate within executive ranks,” Fortinet says in the report.

“As accountability continues to shift into executive leadership, OT security is elevated to a high-profile issue at the board level.”

Operational resilience

This elevation of OT security to boardroom level reflects how operational technology has evolved into a strategic risk domain.

Connected devices and industrial control systems now underpin business continuity strategies, making cybersecurity inseparable from operational performance.

Manufacturing continues to attract the highest volume of cyberattacks globally, representing approximately a quarter of all incidents.

According to Statista, the manufacturing sector faced the highest number of cyber attacks in 2023, with 638 reported.

Another Statista report also found that, on average, the number of phishing attacks per user in 2024 reached 2.91, with manufacturing and construction hitting around 1.65 attacks per user.

Fortinet finds that threat actors increasingly deploy ransomware and wiper malware such as Ekans or Industroyer2 to cripple industrial operations and apply financial pressure.

These attacks exploit the "flattened" architecture of many older OT environments, where limited segmentation allows malware to move laterally between IT and operational systems.

However, organisations with higher OT security maturity levels experience fewer operational outages and revenue impacts, down from 52% to 42% year-on-year, according to Fortinet's research.

Manufacturers implementing basic cyber hygiene, user awareness and threat intelligence have cut business email compromise significantly.

Consolidating vendors into integrated OT security platforms also enhances efficiency, with some organisations seeing up to a 93% reduction in cyber incidents compared to flat networks and seven times improvements in triage and setup times.

Best practices for OT security

Fortinet's report outlines strategic approaches manufacturers can deploy to fortify OT environments against escalating convergence threats:

1. Implement strong network segmentation: Isolate critical industrial systems from corporate IT using ISA/IEC 62443 zones – FortiGate Rugged Firewalls thrive in factory conditions, blocking lateral movement from ransomware like Ekans.
2. Apply strategic patching and updates: Schedule non-disruptive patches during maintenance windows for legacy hardware lacking native security. Balance vulnerability fixes with production continuity to avoid costly downtime.
3. Enable continuous real-time monitoring: Deploy anomaly detection for protocol misuse and irregular controller patterns. FortiNDR provides AI-driven visibility, spotting threats before they halt assembly lines.
4. Establish clear governance frameworks: Align cybersecurity with safety and compliance standards, reflecting C-suite OT oversight. Ensure executive accountability drives resource allocation.
5. Foster cross-team collaboration: Unite IT, OT and security via FortiSIEM for shared playbooks and unified monitoring. This bridges silos, accelerating incident response in converged environments.
6. Invest in OT-specific training programmes: Train factory staff on industrial phishing and errors. Pair with FortiGuard OT Threat Intelligence for ICS-focused feeds, reducing human error in high-stakes operations.

Manufacturing’s low downtime tolerance makes it a prime target when it comes to cybersecurity threats.

However, Fortinet data showcases how important proactive strategies are and, most importantly, that they work.