PARTNER SELL SHEET

Operational Technology

Market Opportunity
Awareness of cybersecurity risk has resulted in increased operational technology (OT)
investment. It is expected that this will lead to more mature security programs by 2030.
Westlands Advisory estimates that expenditure on OT cybersecurity and networking will
reach $10.2B in 2023. At a CAGR of 18%, the market will triple in size by 2030, reaching
$32.8B.1 If you are building a business to support energy and utilities, manufacturing, or
transportation, this is an opportunity to broaden your sales approach beyond traditional Target Companies
IT contacts in areas that need to evolve their security coverage.
Organization Size

Why Fortinet n Large enterprises with 1,000+

employees, $500K and above
Customers often deploy a variety of point security solutions within their IT and OT wallet spend, $1B+ revenue
environments, most of which are not integrated with one another. As a result, security is
complex, difficult to manage, and introduces security gaps. A unified solution simplifies
n Mid-market $5.6B wallet spend
management and reduces complexity. The Fortinet OT-Aware Security Fabric provides n Verticals: energy and utilities,
complete network visibility to securely authenticate and classify devices. Unlike other manufacturing, transportation
security solutions, it does this without scanning, as many OT networks are particularly n OT environments are typically
sensitive and scanning can have a negative effect.
heavily regulated and
physically secured
Addressing Business Challenges
Personas
Customer
How to Address Them CISO/CIO
Challenges
Leads security of both IT and
An attitude of Three-fourths of OT organizations reported at least one intrusion in the last year, corporate systems and OT
“Why change? and nearly one-third of respondents reported being victims of a ransomware
Change is attack (32%, unchanged from 2022).2 industrial operations.
difficult. No
Network Operations Analyst
disruption so Note that:
far.” 1. The Fortinet Security Fabric will help uncover signs of a breach by Responsible for the design of
recognizing indicators of compromise (IOCs). OT cybersecurity solutions that
2. A well-qualified and interested prospect could receive a Fortinet Cyberthreat ensure operational uptime and
Assessment, or an inventory of connected OT devices and assets created by
a tool such as FortiNAC, leading to a discussion of the value of segmentation.
safety.
Also, point out that research from leading system integration consultancies Manufacturing/Plant
agree that digital transformation is happening and is effective at boosting
profits. For example, 96% of executives agree that the convergence of digital Operations Manager
and physical worlds over the next decades will transform their industry.3 In control of operating the plant
safely and optimizing production
IT/OT teams Match equivalent terms from each silo when talking to customers: IT team’s goals
work in silos of data protection/uptime = OT team’s goals of people-equipment safety/service by removing operational and
with different availability. Although IT and OT teams have different security expectations, the staffing inefficiencies.
outlooks. security strategy and technologies are relatively the same for both environments.
Full details on these personas can
Discuss the importance of a unified security approach across IT and OT to be found in our Playbook.
bridge the security gap and reduce training time. Case in point: leveraging IT/
OT convergence, a production line can be remotely programmed to manufacture
different components in different weeks. And a warehouse can ship orders to
customers immediately after they are placed. In the case of critical systems,
data can be analyzed more quickly, speeding the recognition of problems.4

Confidential | For Partners and Customers under NDA. Copyright © 2023 Fortinet, Inc. All rights reserved.
1
Operational Technology PARTNER SELL SHEET

Customer
How to Address Them
Challenges

Uptime is too For many OT businesses, uptime is revenue and downtime is lost revenue. If a
important. process is working, even if it is outdated, it may be left to run for 10 to 15 years
without being patched. Because patching and updating devices can require
shutting down entire systems, most OT managers follow the rule of “if it isn’t
broken, don’t fix it.” If they do make a change, they may have to recertify the
environment, which is time-consuming. As a result, many older OT systems
are unpatched and notoriously vulnerable to malware and other threats that IT Additional Resources
networks are naturally protected against.
n OT Channel Playbook
n Qualifying Questions

Key Differentiators
For more than a decade, Fortinet has been protecting OT for critical infrastructure customers in sectors such as energy and utilities,
manufacturing, and transportation. Ruggedized Fortinet security appliances serve indoors or outdoors at sites with extreme
heat, cold, vibration, and electrical interference. A key differentiator is FortiGuard Industrial Security Services, which continuously
updates signatures to identify and police most of the common ICS/SCADA protocols for granular visibility and control. Additional
vulnerability protection is provided for applications and devices from major ICS manufacturers. This combination provides more
sophisticated application control of the traffic between zones on an ICS network, and it enables the FortiGate NGFW to detect
attempted exploits of known vulnerabilities. Fortinet has the largest ecosystem of OT security partners.

Qualifying Questions
If talking with the IT team:
n Operational technology is most often in the control of the COO or CISO. Who is responsible for OT within your
organization?
n Who leads the cybersecurity decisions for OT?
n Who would be your primary automation and control supplier? (for example: Rockwell, Siemens, ABB, Schneider Electric,
Emerson, Honeywell, and more)
n How often would IT and OT collaborate on projects/initiatives for network security, network connectivity, and secure
remote access for the industrial environment within your organization?

If talking with the OT team:

n Gain control: How is your OT environment segmented from your IT environment? How are you able to inspect and
control traffic between the two?
n Reduce structural risk: How many simple, unsecured telemetry devices, such as sensors and pressure gauges are in
use in your environment? How are you able to prevent the risk of their data being manipulated, causing risks in safety
and reliability? How are you leveraging the data collected to improve operations?
n Reduce risk from changes: Are air gaps part of your OT environment security posture? What changes might have
compromised those gaps, such as software updates and periodic patching?
n Enhance compliance: What regulations or compliance requirements impact your production environment? What
compliance challenges and concerns do you have?

See a full list of Qualifying Questions.

Confidential | For Partners and Customers under NDA. Copyright © 2023 Fortinet, Inc. All rights reserved.
Operational Technology PARTNER SELL SHEET

Competitive Landscape

Palo Alto
Fortinet Check Point Cisco
Networks

Capability

Firewall hardened for harsh OT environments, including extremes of

temperature, electromagnetic interference, and vibration

Extensive industry-specific OT protocols and signatures with daily updates Partial

Segmentation and visibility using single-pane-of-glass management

Rugged switches and outdoor wireless APs for connectivity in

nonenvironmentally controlled environment

Entire cybersecurity solution is integrated with single-pane-of-glass

visibility and management

1
“Industrial Cybersecurity Industry Analysis 2023 for Fortinet,” Westlands Advisory, July 2023.
2
“2023 State of Operational Technology and Cybersecurity Report,” Fortinet, May 24, 2023.
3
“Technology Vision 2023,” Accenture, 2023.
4
“Causes and Consequences of IT and OT Convergence,” Fortinet, September 13, 2022.

www.fortinet.com

Copyright © 2023 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product
or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other
conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s General Counsel, with a purchaser
that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any
such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise
revise this publication without notice, and the most current version of the publication shall be applicable.

August 12, 2023 5:10 PM

2286919-0-0-EN