Blog

5 Ways the OT Cybersecurity Market Will Change in 2020

Damiano Bolzoni | December 11, 2019

Operational technology (OT) infrastructure is changing faster than ever before. The capabilities in this space are rapidly evolving – with new ways to control operations, increase efficiency, and streamline processes – all thanks to our always-online world. As these cyber-physical systems emerge in critical infrastructure environments, a new, niche OT cybersecurity market has developed and is now in a transitional state as traditional OT management, governance, infrastructure and security become more and more influenced by IT.

Here’s 5 ways we think the OT cybersecurity market will change in 2020:

1. New Mergers, Acquisitions and Strategic Partnerships Will Cause Market Volatility

The traditional OT security market is niche and mature, with focused products that address legacy industrial platforms and networks. As these legacy systems evolve into cyber-physical systems, their security becomes strategically important for both OT and IT stakeholders. To meet the demand for comprehensive cybersecurity solutions, notable acquisitions and strategic partnerships in traditional OT security products are accelerating.

According to Gartner, by year-end 2023, security and risk management leaders will need to adjust their OT security solutions, because 60% of today’s point solution OT security providers will have been rebranded, repositioned or bought, or will have disappeared. This makes long-term planning increasingly difficult, but not impossible. The transitional state of the market makes it a wise idea for security leaders to reassess their OT security vendor landscape to take these market dynamics into account.

2. Disruptionware Will Increasingly Target OT Networks

Organizations are increasingly concerned that their core operations are under constant attack. The web of networks that hold many business operations together also increases potential entry points for malicious actors to launch disruptionware, a new breed of attack that usually includes ransomware, but also reaches more broadly to include disk-wiping malware and other disruptive malicious code. Disruptionware is about more than just preventing access to systems and data. It’s about suspending core business operations, which makes OT networks a prime target. In a recent report, we noted the rise of disruptionware across the board, particularly in manufacturing, which relies heavily on OT technology.

This predicament will further fuel the drive to increase network visibility and implement continuous monitoring solutions to reduce the risk of being affected by attacks like this. New threats and exploits are being discovered every day, with databases of vulnerabilities growing exponentially. This increase in zero-days will keep cybersecurity teams incredibly busy, which brings us to the next item on the list.

3. Demand for OT Security Services Will Increase

Since OT cybersecurity will likely become a top priority in 2020, many organizations will have difficulty expanding their security budgets to the level needed to employ enough FTEs to monitor and respond to cyberthreats in-house and also may have difficulty finding employees fit for the job, since there’s a sizeable cybersecurity skills shortage in the market. As enterprises start to realize the extent of this skills shortage and their budget gaps, it will lead many of them to look into outsourcing those responsibilities to other firms specializing in OT cybersecurity. Many security services companies will have the opportunity to deepen their OT portfolios and expertise.

Companies should be choosy when evaluating a services provider, as there are many different levels of OT security expertise out there. Some have a strong OT heritage and excel in certain verticals, while others are core IT service providers taking a first stab at venturing into the OT realm. Because of the critical nature of OT security, proof-of-concept (POC)-based security services should be carefully evaluated and include input and coordination from all relevant teams.

4. Security Leaders Will Increasingly Blend Passive & Active OT Security Techniques

For many years, most OT security practitioners shunned active solutions, based on the well-founded fear that touching sensitive OT networks could compromise operational stability. To ease OT operators’ worries, most OT security tools operated passively up until recently by simply listening to traffic on the network without direct interaction with endpoints.

As vendors advance their OT-specific active capabilities, security leaders are becoming more comfortable with active methods and starting to blend passive and active security techniques for deeper asset visibility and easier compliance with regulatory standards like NERC CIP.

5. OT Cybersecurity Regulations Will Continue to Increase

Governments around the world are increasingly concerned about security threats to OT networks, especially if that network supports a critical infrastructure function, like providing electricity or clean drinking water to citizens. Examples of recent efforts from governments to heighten security oversight of critical infrastructure companies include the implementation of the EU’S NIS Directive, NERC CIP issuing the largest fine in its history, and the passage of America’s Water Infrastructure Act (AWIA).

To help lessen these compliance burdens, many organizations will seek out and deploy OT security technologies in 2020. During these PoCs, companies should structure their requirements in a way that will accurately assess an OT vendor’s maturity and suitability for meeting the guidelines from a particular regulation.

For more emerging market trends in OT cybersecurity and recommendations for future-proofing your OT security strategy, download Gartner’s Market Guide for OT Security.