The state of operational technology and cyber security in 2025: Key insights & takeaways
This blog has been written by Rebecca Hopwood-Keay, Direct Marketing Manager for Secure Networks, at Nasstar.
As we immerse ourselves in 2025, the landscape of operational technology (OT) and cyber security is evolving at a breakneck pace. The Fortinet 2024 State of Operational Technology and Cybersecurity Report offers a deep dive into the current state of OT security, spotlighting key trends, challenges, and best practices. For ease, we’ve done the digging for you and pulled out the critical insights and takeaways from the report.
Cyber intrusions are on the rise
"One of the most alarming trends in the Fortinet report is the significant rise in cyber security intrusions." says Rebecca Hopwood-Keay, Direct Marketing Manager at Nasstar.
Nearly one-third of respondents reported experiencing six or more intrusions in the past year—a stark increase from previous years. This surge in attacks has led to more severe impacts on organisations, including:
- Degradation of brand awareness: Over half of the respondents reported a steep increase in brand awareness degradation due to successful attacks.
- Loss of business-critical data: The loss of essential data and intellectual property has risen from 34% to 43%.
- Operational outages: More than half of the organisations experienced productivity-affecting outages, with significant impacts on revenue and physical safety.
OT activities are becoming less visible
The report highlights a concerning decrease in the visibility of OT activities within central cyber security operations. Only 5% of organisations reported having 100% visibility, down from 10% the previous year. This decline suggests that as organisations' OT security postures mature, they become more aware of their blind spots.
Despite these challenges, there has been progress in OT security maturity. The report notes growth at both ends of the maturity spectrum:
- Basic level: Establishing visibility and segmentation has increased from 13% to 20%.
- Advanced level: Leveraging orchestration and automation capabilities has grown from 13% to 23%.
Operational technology security is fast becoming a key consideration
The responsibility for OT cyber security is increasingly being elevated within executive leadership ranks. The report shows a shift from OT directors of cyber security to VP/directors of networking engineering/operations and CISOs. This elevation indicates that OT security is becoming a higher-profile issue at the board level, reflecting its critical importance to organisational resilience.
Rebecca commented: "The Fortinet 2024 State of Operational Technology and Cybersecurity Report underscores the dynamic and challenging nature of managing OT risks. While there has been progress in some areas, the increase in intrusions and their impact highlights the need for continued vigilance and investment in OT security."
We expect to see a significant shift towards proactive OT cyber security strategies in 2025, pushed along by increased regulatory pressure, changing threats, and the growing adoption of AI-powered solutions to protect critical infrastructure from cyber attacks.
Best practices for enhancing OT security
To address the growing challenges in OT cyber security, the report also outlines several best practices:
- Deploy segmentation: Creating network zones or segments to enforce controls between OT and IT networks is crucial. This approach helps reduce intrusions by hardening the OT environment with strong network policy controls.
- Establish visibility and compensating controls: Organisations need to see and understand everything on their OT networks. Protective compensating controls, such as protocol-aware network policies and endpoint monitoring, are essential for detecting and preventing compromises.
- Integrate OT into Security Operations (SecOps): Maturing towards IT-OT SecOps involves including OT in incident response plans and fostering collaboration across IT, OT, and production teams.
- Consider a platform approach: A platform-based security architecture can help consolidate vendors, simplify security management, and enable automated responses to threats.
- Embrace OT-specific threat intelligence: Timely awareness and precise analytical insights about imminent risks are vital. Organisations should ensure their threat intelligence includes robust, OT-specific information.
Nasstar's Fortinet accreditations and experience
Nasstar has a long-standing partnership with Fortinet, spanning over 15 years and enabling us to deliver robust and advanced security solutions to our clients. We are one of only two Expert Partners in the UK to achieve Fortinet’s SD-WAN, Operational Technology (OT), and Security Operations specialisations.
With over 200 Fortinet certifications, Nasstar has demonstrated expertise in addressing complex security challenges across various industries, including manufacturing, logistics, energy, and utilities.
Our Fortinet-powered offerings include:
- Operational technology (OT) security: Nasstar helps protect critical OT systems from network breaches and cyber threats. Our tailored solutions and ongoing support ensure that OT and IT systems operate in unison, enhancing production efficiency and security.
- Security Operations (SecOps): By integrating Fortinet’s advanced technology, we enhance our SecOps capabilities, enabling businesses to detect, investigate, and respond to security incidents swiftly and effectively.
- Secure SD-WAN: Nasstar combines Fortinet’s industry-leading technology with expertise to provide fast, secure, and reliable data routing with SD-WAN. This ensures seamless connectivity and robust security for businesses with remote teams and complex IT setups.
How Nasstar can help
By adopting best practices and leveraging Nasstar's expertise and Fortinet accreditations, organisations can better protect their critical systems and ensure operational resilience both now and in the future.
Speak to our team today to find out how we can help you embrace OT security.
