CISO ME Issue 01 | Page 12

Legacy systems remain major cybersecurity challenge for utilities sector
Fortinet surpasses one million people trained in cybersecurity

CISO news

Legacy systems remain major cybersecurity challenge for utilities sector

tilities organisations are facing growing cybersecurity challenges as they balance operational resilience, regulatory

U compliance and ageing infrastructure, according to Bridewell’ s Cyber Security in Critical National Infrastructure Report 2026.

The research found that 77 % of utilities organisations experienced attacks involving outdated software or unavailable patches on legacy equipment during the past 12 months, making it the most common cyberincident affecting the sector.
Phishing and business email compromise affected 76 % of organisations, while malware impacted 74 %. More than seven in 10 respondents also reported incidents involving unauthorised system access.
Data protection and privacy emerged as the leading cybersecurity concern, cited by 46 % of respondents. Managing AI-related cyber-risk and improving incident detection capabilities were also identified as key challenges.
The report found that regulation is now the primary driver of cybersecurity maturity within the utilities sector, cited by 36 % of respondents.
Nearly half of organisations( 47 %) reported IT disruption or outages following a cyberattack, making it the most common consequence of an incident. Supply chain attacks also took the longest to respond to, requiring an average of 9.9 hours.
“ Many of the systems underpinning essential utilities services were designed to operate for decades in environments that were never intended to be connected to modern digital networks,” said Sam Thornton, COO at Bridewell.“ It’ s therefore significant that 77 % of utilities organisations reported attacks involving outdated software or unavailable patches on legacy equipment. As utilities providers continue to modernise and connect operational systems, managing the gap between legacy infrastructure and modern security requirements is becoming one of the sector’ s biggest cybersecurity challenges.”

Fortinet surpasses one million people trained in cybersecurity

F ortinet has announced that it has trained more than one million people in cybersecurity, achieving a target it set in 2022 ahead of schedule.

The milestone was reached through the company’ s training and certification initiatives, including its NSE Certification programme and the Fortinet Training Institute, which provide cybersecurity education for learners ranging from beginners to experienced professionals.
According to Fortinet, the achievement reflects increasing demand for practical cybersecurity skills as organisations continue to face talent shortages and a rapidly evolving threat landscape shaped by AI, cloud adoption and hybrid working environments.
The company’ s 2026 Global Cybersecurity Skills Gap Report found that 91 % of IT decision-makers prefer candidates with technology-focused certifications, while 92 % would pay for employees to gain certifications. The report also found that 92 % of respondents plan to invest in AI-related cybersecurity training or certifications over the next 12 months.
Melonia Da Gama, Director of Training and Learning
Programs, Fortinet The research highlighted ongoing workforce challenges, despite cybersecurity becoming a growing board-level priority. Fortinet reported that 73 % of organisations now consider cybersecurity a high business priority, yet many continue to struggle with hiring and retaining skilled professionals.
“ Today, we are marking a major milestone in that effort: Fortinet has fulfilled its pledge made in 2022 and trained more than one million people in cybersecurity over five years,” said Melonia Da Gama, Director of Training and Learning Programs, Fortinet.
Fortinet said it will continue expanding training, upskilling and reskilling programmes to help address the global cybersecurity skills gap and prepare professionals for emerging cyberthreats.
12 WWW. INTELLIGENTCISO. COM / MIDDLE-EAST