OT Cyberattacks Spike in Latin America: Fortinet

Forty seven percent of organizations in Latin America’s operational sectors experienced at least one cybersecurity breach in the past year, reveals Fortinet’s 2025 Global State of Operational Technology and Cybersecurity report. The report also highlights that recovery times in the region are longer than in other geographies.

"More and more companies in Latin America are taking the security of their industrial operations seriously. We see how business leaders are assuming this responsibility, and that is reflected in a lower number of attacks and damages when cybersecurity is prioritized," writes Nirav Shah, Senior Vice President, Fortinet, in a press release. “Operational Technology (OT) cybersecurity is no longer a purely technical issue but a strategic, board-level priority.”

OT systems form the foundation of critical infrastructures in sectors like energy, manufacturing, healthcare and public services such as water treatment or gas refining. Unlike Information Technology (IT), OT manages processes and events in the physical world. An intrusion into these systems can interrupt essential services, halt production, and risk public safety.

The Fortinet report reveals a significant evolution in security governance for these environments. Responsibility for protecting OT infrastructure is shifting to senior management. According to the data, the Chief Information Security Officer (CISO) or Chief Security Officer (CSO) is now the primary person responsible for this area in more than half of the companies surveyed. This figure represents a significant increase from the 16% recorded in 2022, showing greater awareness of the financial and operational impact a cyberattack can have on the business. C-suite involvement ensures OT cybersecurity is integrated into the company’s overall risk management strategy.

The analysis for Latin America presents specific data that require attention. In addition to the 47% of companies that reported at least one intrusion, 27% faced more than three incidents in the same period. A key differentiator for the region is response time. While in other regions service recovery can take hours, this process often extends for days in Latin American organizations, magnifying the economic and operational impact of each incident.

The study establishes a direct correlation between mature cybersecurity practices and risk reduction. Organizations that have implemented proactive measures — such as continuous staff training, security vendor consolidation and unified technology platforms — reported fewer and less severe attacks.

Based on these findings, Fortinet outlines a strategic framework to strengthen security in industrial environments. This framework begins with establishing complete asset visibility and control, requiring organizations to maintain a full inventory of all devices on the OT network and apply granular access controls to protect critical assets. Another key strategy is network segmentation; implementing distinct security zones contains the spread of threats and prevents a single compromise from impacting entire operations. 

Furthermore, Fortinet urges organizations to integrate OT scenarios into their incident response plans to ensure a coordinated reaction across both physical and digital systems. To improve efficiency, Fortinet also recommends consolidating disparate security tools into a unified platform to reduce complexity and centralize management. This approach should be complemented by using OT-specific threat intelligence services for the proactive detection of threats targeting industrial environments.