July 15, 2025

Cyber intrusions persist in Canada, says report

Inside Logistics Online Staff

Nearly half of Canadian organizations experienced at least one cybersecurity intrusion in the past year, according to Fortinet’s newly released 2025 State of Operational Technology and Cybersecurity Report.

The report, based on a global survey that included responses from Canadian professionals in sectors such as transportation, health care and energy, shows that while operational technology (OT) cybersecurity maturity is improving, cyber threats remain a serious challenge. Eleven per cent of Canadian respondents reported more than six intrusions in the past year, and attacks in North America were more likely to last for months compared to those in other regions.

The report finds a correlation between higher cybersecurity maturity levels and fewer or less severe attacks. “Those organizations that report being more mature… are seeing fewer attacks or indicate that they are better able to handle lower-sophistication tactics, such as phishing,” the report notes.

Responsibility for OT cybersecurity is also shifting upward. More than half (52 per cent) of respondents say their organization’s CISO or CSO is now responsible for OT security, up from 16 per cent in 2022. That figure jumps to 95 per cent when including all C-suite roles.

Adopting cybersecurity best practices is yielding benefits, Fortinet says, pointing to a drop in business email compromise and a sharp rise in threat-intelligence integration, which spiked 49 per cent since 2024. The report also notes a trend toward vendor consolidation, with 78 per cent of organizations now using just one to four OT device vendors.

“The seventh installment of the Fortinet State of Operational Technology and Cybersecurity Report shows that organizations are taking OT security more seriously,” said Nirav Shah, senior vice-president, products and solutions, at Fortinet. “We see this trend reflected in a notable increase in the assignment of responsibility for OT risk to the C-suite, alongside an uptick in organizations self-reporting increased rates of OT security maturity.”

The report concludes with recommendations for organizations to bolster OT security, including increasing network visibility, deploying segmentation and integrating OT into broader security operations and incident response plans.