Cybersecurity in operational technology environments (OT) has ceased to be a purely technical issue to become a strategic priority that reaches senior management offices. This is confirmed by the seventh edition of the Global Report on the State of Operational Technology and Cybersecurity prepared by Fortinet, which radiography the evolution of OT security in industries such as manufacturing, energy, transport or pharmaceutical.
Through more than 550 interviews with professionals from 30 countries, including Spain, the study identifies clear trends: the CISO already leads in most organizations the OT security decisions, the consolidation of suppliers gains land and technological maturity begins to translate into less operational interruptions after an attack. However, the risk is still present: almost half of the organizations suffered some type of incident in the last year.
One of the most revealing changes in the report has to do with the leadership of OT cybersecurity. While in 2022 only 16% of organizations allocated this responsibility to the CISO or CSO, in 2025 that figure already exceeds 50%. And the trend does not stop: 80% of organizations expect to integrate OT security into the CISO structure throughout the next 12 months.
«OT security is no longer an exclusive issue of the technical team. It is becoming a priority issue for the Board of Directors, ”explains Nirav Shah, Senior Vice President of Fortinet products and solutions. “We are seeing a decrease in the impact of intrusions on organizations that prioritize OT security. Everyone, from senior direction down, commit to the protection of sensitive OT systems.”
Digital maturity reduces the impact of cyber attacks, but there is still a margin of improvement in operational environments
Maturity in front of threats: less impact, but persistent threats
Another key finding of the report has to do with the maturity of OT security systems. Organizations that have reached intermediate or high levels (levels 2 to 4) show lower exposure to low sophistication attacks, such as phishing or business email commitment. In addition, the number of organizations that suffered operational interruptions with direct impact on income has been reduced from 52% to 42%.
Even so, the most complex threats, such as specific malware for OT or APT environments, are still difficult to detect, especially in companies with less digital maturity. This gap highlights the importance of having specialized solutions, adapted to the critical nature of industrial environments.
Consolidate, integrate, automate: Effective security keys
The report also highlights the practices that are giving better results. Among them, the consolidation of OT devices suppliers – 78% of organizations already work with only one and four – and security solutions, which simplifies management and improves visibility. In fact, Fortinet ensures that its customers have managed to reduce cyber incidents by 93% after deploying otmented and safe networks against flat architectures.
Automation and integration also play a key role. Unified security platforms that combine IT and OT protection not only optimize resources, but allow faster and faster incidents.
Recommendations for an ot resilient environment
The report concludes with a series of good essential practices for organizations to reinforce their cyber -defense. These include total visibility of OT assets and apply network segmentation, to integrate OT systems into incident response plans and adopt security platforms with artificial intelligence adapted to OT threats.
In Fortinet’s words, “protecting critical operations requires not only technology, but also strategy, leadership and collaboration between IT, OT and Executive teams.”
