Fortinet-2026年运营技术(OT)与网络安全现状报告 2026 State of Operational Technology and Cybersecurity Report_第1页
Fortinet-2026年运营技术(OT)与网络安全现状报告 2026 State of Operational Technology and Cybersecurity Report_第2页
Fortinet-2026年运营技术(OT)与网络安全现状报告 2026 State of Operational Technology and Cybersecurity Report_第3页
Fortinet-2026年运营技术(OT)与网络安全现状报告 2026 State of Operational Technology and Cybersecurity Report_第4页
Fortinet-2026年运营技术(OT)与网络安全现状报告 2026 State of Operational Technology and Cybersecurity Report_第5页
已阅读5页,还剩29页未读 继续免费阅读

下载本文档

版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领

文档简介

FTInET

2026Stateof

OperationalTechnology

andCybersecurityReport

2026StateofOperationaITechnoIogyandCybersecurityReportREPORT

TableofContentsKeyTakeaways3

ExecutiveSummary7

Introduction7

CriticalInsightsforOTSecurity8

BestPractices15

Conclusion19

2

2026StateofOperationaITechnoIogyandCybersecurityReportREPORT

3

KeyTakeawaysPeople

Overthepasteightyears,cybersecuritymaturityhasincreasedgloballyasorganizationshaveintegrated

operationaltechnology(OT)securityunderthechiefinformationsecurityofficer(CISO)orotherinformation

securityleadershiprolessuchasthechiefinformationofficer(CIO).In2026,60%ofrespondentsreportthattheCISOandCIOcurrentlyhasultimateresponsibilityforOTcybersecurity,downfrom69%in2025.

Signalinganincreaseinmaturity,theC-suitehasmitigatedOTrisktothepointofdelegatingOTcybersecurityresponsibilitybackdowntoseniorleadershiproles.ThoserespondentswhodonothaveelevatedOTriskyetstillneedspecialized

knowledgeandleadershiptoaddresstheincreasingnumberofsophisticatedthreats.Forthefifthconsecutiveyear,the

numberofrespondentswhointendtomoveOTcybersecurityundertheCISOinthenext12monthsincreasedfrom80%in2025to81%in2026.ThesechangesindicateasolidifyingoftheimportanceofOTriskownershipintheC-suite.

52%

38%34%

CISO/CSO

16%

11%7%

2%1%

CTO

40%

19%

8%

20%17%

11%

CIO

59%

53%

42%

6%

0%0%0%1%3%

20222023202420252026

OtherC-Suiteexecutive

9%

3%

VPlevelorlower

5%

4%

COO

16%

19%

5%

OTcybersecurityownership

4%

79%

17%

2023

10%

81%

8%

2026

11%

79%

10%

2022

12%

60%

27%

2024

18%

80%

2%

2025

No

Yes

Already

underCISO

PlannedCISOrollup

2026StateofOperationaITechnoIogyandCybersecurityReportREPORT

4

OTcybersecurityprogram,process,andsolutionmaturity

Inrecentyears,self-assessedprogramandprocessmaturitywashighwithrespondentsreportingmaturitylevelsof3and4.Overtime,asmoreresourcesandsecuritysolutionswereintroducedandITteamsandC-suitegainedmoreoversight,itbecameapparentthatthetruematuritylevelswereactuallymuchlower.Nowtheself-assessedprocessandsecuritysolutionmaturitylevelshaverecalibratedasjointITandOTsecurityteamshavereceived

additionalfundinganddeployedmoresolutions.BecauseofadvancedOTsecuritysolutions,additionalsecurityexperience,andmorediverseteams,organizationshavereevaluatedtheirself-assessedlevels.MoreOTsecurityoperatorsnowrealizewheretheyareintermsofmaturityandwheretheirsystemsremainexposed,sotheyareimplementingsecuritybasicssuchasimprovingassetvisibilityandaccesscontrolsandimplementingproper

networksegmentation.

RegardingProcessMaturity,manyrespondentsinlevels1and2reporttheyarestillinfirefightingmode.Onlyaminority

ofrespondentsareatlevel4andtrulymatureintheirsecurityapproaches.Respondentsatlevel0strugglewithalackof

documentationandcoreprocesses,increasingfrom1%in2025to5%in2026.Thelevel1andlevel2figuresalsoincreasedsharplythisyearover2025,from5%to17%,and13%to27%,respectively.

Level3respondentsarerelativelysophisticated,increasingmodestlyyear-over-year(YoY).Advancedenterprisesatlevel4declinedsharplyfrom49%to17%.Thisreassessmentisapositivesign,signalingthatOTsecurityteamsaremorediverse,moreexperienced,betterfunded,andhaveimplementednewsecuritysolutionsthathaverevealedpreviouslyunknown

securitygaps.

5%

1%1%3%1%

13%

17%10%

5%5%

13%

28%27%27%

21%

48%

41%

43%

35%

32%

49%

31%

16%

15%17%

Level0

Level1

Level2

Level3

Level4

Firefighting.

Basicmanagement

Cybersecurityproduces

Thecybersecurity

Cybersecurityprocesses

Cybersecurityprocesses

practicesarefollowed

andworksfrom

programusesdata

arecontinuallyimproved

areunorganizedand

inourcybersecurity

documentedprocesses

collectionandanalysis

viafeedbackfrom

undocumented.

program.

andprocedures.

Standardsand/or

guidelineshavebeen

identified.

toimproveitsoutcomes.

Activitiesareguided

bydocumented

organizationaldirectives.

Policiesinclude

compliancerequirements

forspecifiedstandards

and/orguidelines.

existingprocesses,

includingoptimizing

andautomatingthreat

intelligenceandincident

management.

20222023202420252026

ChangetitletoreadCybersecurityProcessMaturity

Solutionmaturitypresentsasimilarpicture.Level4respondentsdecreasedYoY(19%to14%),althoughlevel3wasupslightlyat24%versus22%in2025.Level0andlevel1categorieswereupnotablyfrom1to5%and26to30%,respectively.These

lessmaturecompaniesareexposedandmustmovequicklytoavoidfallingvictimtonewandemergingthreats.

2026StateofOperationaITechnoIogyandCybersecurityReportREPORT

5

5%

2%1%1%1%

Level0

Nosegmentation

orvisibilityinplace

forOT

Level4

Leverage

orchestrationand

automation

Level2

Accessandprofiling

established

1%1%1%1%1%

Unsure

Level3

Predictivebehaviorestablished

Level1

Visibilityand

segmentation

established

20222023202420252026

32%

30%30%

26%

23%

13%

20%

13%

27%

22%

19%

14%

30%

26%

44%

35%

28%

24%

14%

21%

ChangetitletoreadOTcybersecuritySolutionmaturity

Cybersecurityincidents

Apositiveindicatorofincreasingcybersecuritymaturityisthatteamsarenowreportinggreatervisibilityof

intrusionsasopposedtoreportingnone.Inthisyear’sreport,thedecliningnumbersofrespondentssayingtheyhaddetectedzerointrusionsmaypointtoagreaterabilitytodetectintrusionsratherthanarealdeclineinthe

volumeofsuccessfulattacks.Atthetopend,organizationsthathavehadmorethan10intrusionsintheyear

stayedsteadyatjust2%.However,thenumbersofrespondentsreportingmultipleattacks(onetonineincidents)haveincreasedfrompreviousyearstotaling71%,upfrom47%.

1%

8%

21%

18%

52%

2025

7%

24%

30%

15%

24%

2024

7%

19%

49%

18%

6%

2022

10%

37%

27%

25%

2023

10+

6to9

3to5

1to2

0

34%

21%

26%

2026

2%

16%

1%

Numberofintrusions

2026StateofOperationaITechnoIogyandCybersecurityReportREPORT

6

Moreregulationsareexpectedsooner

Laws,regulations,andcompliancemandatescontinuetobechallengesforITandOTleaders.Increasingly,theseleaderswanttogetaheadofgovernancecyclesandlearnaboutpotentialpendingrulechangesthatmayimpactdataprotection,cybersecurity,health,safety,andotherfactors.

Lastyear,somerespondentsexpectednewregulationsinafewyears,butnowthevastmajorityofrespondentspredictnewregulationswillbecomingsoon.Thesenewregulationswillincreasecybersecuritydemandsbutalsowillimprovenetwork

reliabilityandresilience.

In2026,almostnineoutof10respondents(89%)expectincreasedregulationinfiveyearsorless.Thisnumberisupsharplyfrom66%in2025.Regardingtiming,therewasa20-pointshiftinrespondentsnowanticipatingnewregulationsintwotofiveyearsasopposedtofive+years,suggestingthatrespondentswanttoprepareforITandOTregulatorycompliancechallengesastheyrelatetocybersecurity.

Unknown

No

Yes,in5+years

Yes,in2-5years

Yes,inlessthan1year

61%

28%

2026

40%

26%

2025

1%

8%

27%

8%

Anticipatedregulationsincrease

2026StateofOperationaITechnoIogyandCybersecurityReportREPORT

7

ExecutiveSummary

ThisyearmarksoureightheditionoftheFortinetStateofOperationalTechnologyandCybersecurityReport.The2026studyisbasedoncomprehensivedatafromaglobalsurveyofmorethan700OT-relatedprofessionalsconductedbyarespectedthird-partyresearchcompany.

Thisyear’sreportindicatesthatin2026,organizationsaretakingOTsecurityseriously,buttheystillhaveworktodo.Aminorityofsurveyrespondentshaveensuredtheyhavetheprocessesandtoolsinplacetoaddressthewaveofcybersecurityattacks,threateningtobringtheiroperationstoahalt.

Manyotherrespondentsaretakingsensiblestepstomeetregulationsandrepelattackers.Theyareresponsiblydocumentingandreportingtheiractionsandhaveseniorpeopleinvolvedinstrategicdecisionstodefendtheiroperations.Butsecuritygapsremain,andanumberofrespondentsadmitthattheyarestillinreactive,fire-fightingmode.

Organizationswiththehighestsecuritymaturityhaveimplementedthebestpractices,suggestedattheendofthisreportandconsolidatedvendorstomanagecomplexityandcosts.ManyoftheseorganizationshavetakenanintegratedplatformapproachtoOTcybersecuritywithcentralizedmanagement,threatintelligence,andsecurityorchestration.

TheseorganizationsoftenturntotheC-suiteforleadershipratherthanrelyingonspecialistsalone.Thisyear,responsibilitycontinuestomovetotheCISOandotherexecutivesasriskisbetterunderstood,funded,andredistributed.We’vealsoseenalevelofOTsecuritymaturityforcertainorganizationswhereOTriskisbeingmitigatedanddelegatedtotheVPlevel.

ThoseOTorganizationswithhighersecuritymaturityalsoarelikelytoexperiencefewerincidentsin2026.Enterprisesareincreasinglytakingtheopportunitytomodernizetheirindustrialcontrolsystems(ICS),whichwillimprovetheirdefenses.

OrganizationsemployingintegratedOTsecurityplatformsforgreaterholisticdefensealsoarelikelytohavefewerincidents.

Thealways-onnatureofmanyOTorganizationshascreatedarapidincreaseinconnecteddevices,applications,andusersthatneedtobesecured.OneofthegreatestchallengesinOTsecurityisunderstandingthecomplexnatureofbusinessandoperationalsystemsthatcanimpactproductionorreliabilityofcriticalinfrastructure.

Introduction

AttacksonOTsystemscanslowdownortopplecoreindustrialprocesses,equipment,andcriticalinfrastructure,potentiallyleadingtohumanhealthandsafetyrisks.Attacksalsocanleadtobranddamage,penalties,reducedincome,andlossof

intellectualproperty(IP).Asmaliciousactorsincreasinglytargetkeyoperationalsitesandcriticalinfrastructure,industryandgovernmentsworldwideareworkingtostrengthencybersecurityregulations,resiliencerequirements,andincidentreportingrulesforOTandICS.

However,manyOTsystemsaredecadesold,andtheenvironmentstheyweredesignedforwerenevermeanttobeconnectedtotheInternet.Today,asorganizationscontinuetodigitizeandtransformtheiroperations,OTandITthreatsareinextricablylinked.ConnectingOT,IT,andcloudsystemstoalignoperations,infrastructure,andanalyticscanintroduceserious

cybersecuritychallenges.

SecuringOTnetworksisn’teasyandtoday’srapidlyevolvingthreatlandscaperequiresvigilance.However,asthisyear’sStateofOperationalTechnologyandCybersecurityReportshows,organizationsaretacklingmultiplechallengesandimprovingtheiroverallsecurityposturebyre-evaluatingandappropriatelyassessingOTcybersecurityprocessandsolutionmaturity.

Cybersecurityattacksareincreasingandattackerscontinuetoexpandtheircapabilities.Andnowbecauseofincreasednation-stateconflictsandgeopolitics,OTsystemsareanappealingtargetforattackersseekingtodisruptoperationstomakeapoliticalstatementorcontributetomilitaryoperations.ProtectingOTsystemsrequiresmoderntools,diligentmonitoring,andappropriatebudgetingandresourceallocation.

2026StateofOperationaITechnoIogyandCybersecurityReportREPORT

8

CriticalInsightsforOTSecurity

Criticalinsight#1:ResponsibilityforOTsecurityremainsintheC-suite

Cybersecurityisaboard-levelissuespanningvirtuallyallindustries,butOTsecurityisequallyimportant.TheroleoftheCISOhasbecomemorevisibleinrecentyears,butin2026,cybersecurityresponsibilityoftenextendstonon-technicalVPand

C-suiteexecutives.

19%

5%

VPlevelorlower

11%

2%1%3%

COO

16%

CISO/CSO

19%

11%8%

CIO

59%

53%

42%

16%

7%

CTO

20222023202420252026

6%

0%0%0%

OtherC-Suiteexecutive

38%

34%

20%

17%

40%

52%

4%

3%

9%

5%

1%

OTcybersecurityownership

Criticalinsight#2:Buyersarefocusingoncostconstraints

The2026reportsuggeststhatbuyersaretighteningtheirbelts.Althoughvalueisimportant,theneedtokeepoperationssecureandperformingwellwhencybersecurityrisksarehighremainscritical.

Costreductionandavoidancewasthenumberonecybersecuritymeasurementtrackedandreportedfor2026,risingfromsecondplacelastyear.Moreorganizationexpectnewregulations,leadingtoanincreaseinCompliance/RegulatoryReporting(17%).

56%

52%

48%

45%

41%

17%

0%

63%

59%

52%53%53%

Vulnerabilities

foundand

blocked

65%63%

60%

48%

42%

Costreductionand/oravoidance

54%

52%

42%

28%27%

Intrusions

detectedand

remediated

59%

56%56%

47%

41%

Productivitygains

Compliance/regulatory

reporting

20222023202420252026

Tangiblerisk

management

outcomes

Financial

implications

51%

47%

70%69%

52%

Cybersecuritymetrics

2026StateofOperationaITechnoIogyandCybersecurityReportREPORT

9

CriticalInsight#3:Dwelltimenumbersareup

Attackerdwelltimemeasureshowlongattackersspendundetected.Thiscriticalkeyperformanceindicator(KPI)alsooftenreflectshowmuchdamageattackerscaninflictbecauseit’seasierforattackerstoperformmalicioustasksbeforethey’redetected.

Oursurveysuggeststhatalthoughthereissomeflatteningofdwelltimesofminutes,hoursordays,attackswithlongerdwelltimesofweeks,orevenmonths,haveincreased.Theselongdwelltimesleaveenterprisesopentosurveillance,lossofIP,andincreasetheriskofaransomeventorphysicaldisruption.

16%

17%

13%

50%33%

38%

27%

37%

29%

6%

6%

13%

1%

5%

7%

Don’tknow

1%

202420252026

Minutes

Hours

Days

Weeks

Months

Anticipatedregulationsincrease

ADeepDiveintothe2026Survey

Q:WhatpercentageofyourOTsystemsarevisiblewithinyourorganization’scentralcybersecurityoperations?

AlthoughmostOTenvironmentsarevisibletosecurityteams,23%ofrespondentssaytheyonlyhavevisibilityintoabouthalfoftheirnetwork,potentiallyleadingtovulnerabilitiesrelatedtosiloedinformation,lackofawareness,monitoringchallenges.

Notablyin2026,thenumberofrespondentsreportingthattheyhave100%visibilityintoOTsystemshasgrownfrom5%in2025to14%,signalinggrowingconfidenceincomprehensivenetworkvisibility.

Novisibility:0%About25%

About50%

About75%

Fullvisibility:100%

3%

28%

59%

10%

2023

3%

23%

61%

13%

2022

3%

26%

67%

5%

2024

3%

23%

59%

14%

2026

2%

30%

62%

6%

2025

OTsystemsvisibility

2026StateofOperationaITechnoIogyandCybersecurityReportREPORT

10

Q:Whichofyourenvironmentshavebeenimpactedbycybersecurityintrusionsinthepastyear?

IntrusionsarehavingagrowingimpactonbothITandOTsystems,butrespondentsmaybebecomingbetterabletoaddresstheimpactofintrusions.

It’slikelythatsegmentationbetweenITandOTsystemsisbeingdeployedbecauselessthanaquarterofrespondents(24%)saidbothOTandITsystemswereaffectedbyintrusions,asignificantdropfrom2025(60%)andthelowestfiguresince2022.

28%

17%

EnterpriseIT

systems,butnotOT

systems

OTsystems,but

notenterpriseIT

systems

BothITandOT

systemswere

impacted

20222023202420252026

40%

17%

30%

24%22%

51%

39%

60%

49%

32%

21%

46%

24%

Impactedenvironments

Q:WhatOTcybersecurityissuesarereportedtoseniorandexecutiveleadership?

Reportingroutinecybersecurityeventstoseniorleadershipisperformedbyabouthalfofrespondents,but53%failtoreferreportsoncompliancewithcurrentorpendingregulations,adropfrom60%in2025.

71%

63%

58%

53%53%

Compliancewithsecuritystandards

69%

59%

51%49%52%

Scheduledsecurityassessments

59%

50%49%

38%

73%

48%

44%

Resultsofpenetration/intrusiontests

20222023202420252026

Compliancewithindustryregulations

Security

compromises

61%

52%

60%

53%

49%50%

68%

47%

Escalated/reportedissues

2026StateofOperationaITechnoIogyandCybersecurityReportREPORT

11

Q:Whattypesofintrusionswereexperienced?

Thetypesofintrusionsrespondentsreportedremainedstable,withphishingemailsat76%andransomwareat50%.

Ransomwaredroppedmarginallyto50%from54%in2025butremainsamajorissuebecauseofthepotentialforittoinflictsignificantdamage.

Asmoreenterprisesdigitizeoperationstobettermonitorandmeasureactions,OTnetworksarebecomingmoreprevalent,

strategic,andsophisticated.However,thisincreaseinconnectivityalsoraisestheopportunities,scale,andseriousnessofattacks.

Ransomwareattacksareoftenplannedbyhighlyorganizedgroups,generallytargetingthemostsensitiveenterprise

vulnerabilities,whichoftenincludeoperationsandOTsystems.Adisruptiontoperformanceandoperationscanbedevastating,andstate-sponsoredactorsrepresentanotherfrighteningchallenge,giventoday’schallenginggeopolitics.

compromise

20222023202420252026

56%

44%

38%36%33%

Malware

56%54%

32%32%

Ransomware/wiper

42%39%44%

22%21%

DDoS

53%

45%

Businessemail

49%41%

Phishingemail

76%75%76%

65%

50%

Intrusiontypes

Q:Whattechniqueswereinvolvedintheintrusion?

Intrusiontechniquesremainedconsistentbetween2025and2026,butfewerunintentionalandbadactorinsiderbreach

incidentswerenoted.Thisreductionmayberelatedtobettervetting,tightercontrols,ormorepeopleremaininginthesamejob.Removablestoragehastrendeddown,butwebapplicationcompromiserosein2026.

65%

59%58%

Web/applicationcompromise

60%

53%

37%36%

Mobilesecuritybreach

54%53%

48%

IoT/network

device

compromise

50%50%

41%39%41%40%

29%

25%

29%

12%13%14%

4%

Insiderbreaches:badactor

Removeable

storagedevice/

media

20222023202420252026

Insiderbreaches:

unintentional

Phishing/smishing

50%

42%

32%

26%

62%

28%

Techniquesinvolved

2026StateofOperationaITechnoIogyandCybersecurityReportREPORT

12

Q.Whatimpactdidtheintrusion(s)haveonyourorganization?

Theimpactsofintrusionsremainconsistentacrosstheboard,fromlostintellectualpropertyortradesecretsandfactorsthat

potentiallyhavepenaltiesattached,suchasfailuretomeetcompliancelevels.Operationaloutagesaffectingrevenuerosefrom42%in2025to46%in2026.Lostcriticaldataalsoincreasedfrom41%to44%,highlightingtheriskstodata.Onapositivenote,theimpacttobrandawarenessdecreasedfrom52%in2024downto35%in2026.

55%

50%

48%48%

46%

Operational

outagethat

affected

productivity

48%

46%

42%42%43%

Operational

outagethatput

physicalsafety

atrisk

43%

35%

Failuretomeet

compliance

requirements

5%3%3%5%3%

None

Operational

outagethat

impacted

revenue

20222023202420252026

Brandawarenessdegradation

Lostbusiness-criticaldata/IP

43%

37%

34%

44%

35%

44%

40%39%

44%

39%

46%

42%

44%

41%

34%34%

52%

52%

Intrusionimpacts

Q:WhatistheageofyourlCSsystem?

RespondentsappeartoberefreshingtheirICSsystemswith40%reportingthattheirsystemsareunderfiveyearsold,asharpincreasefrom2025(20%)andpreviousyears.Thisrisepointstoahealthyattitudetowardthebenefitsofmodernizationandtransformation.

Thoseorganizationswithaging11-year-oldoroldersystemsshouldupgradesoon,orifrefreshingthesystemsisn’tfeasible,theyshouldadheretoastrictpatchingandmonitoringschedule.

22%

11%

20%

40%

74%

79%

62%

47%

4%

11%

18%

12%

1%

1%

Lessthan5yearsold

6-10yearsold

11-30yearsold

30+yearsold

2023202420252026

ICSsystemsage

2026StateofOperationaITechnoIogyandCybersecurityReportREPORT

13

GlobalImpact

Q:Whatcybersecuritymeasurementsdoyoutrackandreport?

Becauseoftighteningbudgets,costreductionand/oravoidanceisthehighestmetricbeingtrackedandreportedbysurvey

respondents,followedcloselybyproductivitygains.Thevalueplacedontangibleriskmanagementoutcomesdecreasedin2026.

63%

59%

52%53%53%

Vulnerabilities

foundand

blocked

65%63%

60%

48%

42%

Costreductionand/oravoidance

59%

56%56%

47%

41%

Productivitygains

56%

52%

48%

45%

41%

Financial

implications

17%

Compliance/regulatory

reporting

54%52%

28%27%

20222023202420252026

Intrusions

detectedand

remediated

Tangiblerisk

management

outcomes

51%

47%

70%69%

42%

52%

Cybersecuritymetrics

Q:Howisyoursuccessmeasured?(Rankuptofive)

Asnoted,weareseeingashifttowardcostefficiencyandproductivityvalue,whichisreflectedinthesuccessmetrics.

In2026,thehighestnumberofrespondentscitedcostefficiency(14%)astheirtopmeasureofsuccess,upfrom11%in

2025(notshown).Securityincidentresponsetime,whichwasatopsuccessmeasurementinthepasthasdroppedfrom18%in2025(notshown)to10%thisyear.

SecurityincidentresponsetimeorreturntoservicetimeRiskandcompliancescoringforOTEfficiency/productivitygains

11%11%12%10%9%

13%10%7%8%7%

10%8%10%9%7%

8%10%10%9%8%

Costefficiency

SecurityvulnerabilitiesresponsetimeSafetyrecord

ProductionfloorefficienciesAlignmentwithbusinessprioritiesSystem/processuptime

10%15%12%10%8%

12%13%12%8%7%

12%12%12%8%9%

14%11%10%11%9%

9%7%10%9%8%

lnTop3

20222023202420252026

35%

41%

46%

46%

38%

N/A

N/A

N/A

N/A

37%

43%

42%

40%

41%

36%

39%

35%

35%

41%

34%

33%

45%

42%

43%

33%

32%

27%

30%

25%

29%

33%

31%

35%

27%

28%

33%

36%

39%

42%

27%

34%

36%

33%

34%

26%

1st2nd3rd4th5th

Successmetrics

2026StateofOperationaITechnoIogyandCybersecurityReportREPORT

14

Q:Whatcybersecurityandsecurityfeaturesdoyouhaveinplacetoday?

In2024,therewasanincreaseinthenumberofcybersecurityapproachesandtechnologiesdeployed,but2025sawaYoY

decreaseinsecurityfeaturesinanumberofareas.In2026,thisdownwardtrendcontinueswithdropsinfeaturesrelatedtobasiccybersecuritycontrols,deployment,andeffectivedefenses.However,advancedcontrolssuchasSOCandSOARareontheupswing.Thisinvestmentinmoreadvancedtechnologyisconsistentwiththecybersecuritymaturityjourney.

64%

53%

49%

48%

56%

53%

45%

47%

45%

38%

33%

47%47%

46%44%

39%

N/AN/AN/A

54%

44%45%44%

40%

31%

49%

44%

34%

24%

56%

49%

44%

42%

41%

58%

50%

48%

44%

42%

58%

49%49%

43%

41%

49%

44%

40%

41%

40%

54%

48%

43%

40%

40%

60%

47%44%

35%34%

40%41%

39%

33%31%

50%

39%

37%

31%

0%

Network

Security

Security,

Endpoint

Network

Threat

Internal

Manage

Remote

Scheduled

Secure

Internal

Advanced

Role-based

access

Operations

Orchestration,

Detection

Operations

Intelligence

security

andmonitor

management

security

remote

network

persistent

access

control

Center

Automation,

and

Center

trainingand

security

ofphysical

compliance

access

segmentation

threat

(SOC)

andResponse

(SOAR)

Response

(EDR)or

Endpoint

Antivirus

(AV)

(NOC)

education

events/event

analysis

security

reviews/

audits

(sandbox,

deception)

20222023202420252026

Existingcybersecurityfeatures

2026StateofOperationaITechnoIogyandCybersecurityReportREPORT

15

BestPractices

Basedonthe2026surveyresultsandfeedback,we’veassembledthefollowingbestpractices:

1.SegmentandmicrosegmentITandOTnetworkstolimittheimpactofattacks

ITattackscancrippleordisableOToperations,andattacks

thatdamagebothITandOTarecommon.AdefensibleOT

cybersecurityprogrambeginswithintentionalsegmentationandmicrosegmentationacrossbothITand

温馨提示

  • 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
  • 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
  • 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
  • 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
  • 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
  • 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
  • 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

最新文档

评论

0/150

提交评论