Our new Biannual ICS Risk & Vulnerability Report is the most up-to-date look at CVEs disclosed in OT devices.
Check it out!
Team Member Spotlight: Justin Woody, Director of Innovation
July 26, 2021
As director of innovation at Claroty, Justin Woody leads the company’s efforts to explore, develop, and implement cutting-edge industrial cybersecurity capabilities. Woody began his lengthy career in tech as a senior network engineer at Verizon, before entering the cybersecurity space after 14 years at IBM, during which time he led a global team. He has led teams across a broad range of cybersecurity functions, including security operations centers, risk and compliance, change management, incident response, and advanced threat detection.
Q: You began your career in tech at Verizon before spending 14 years working in various roles at IBM. What compelled you to pivot toward the ICS security space?
I was running a managed response team at the time, and I was asked what we could do to respond to incidents affecting the ICS environment. That began a journey to see what could be done, and as I started digging in, I realized that much of ICS security was still unexplored. Shortly thereafter, the Triton malware attack set a new precedent with its impact on critical safety systems in 2017. That really catalyzed the development of the ICS security space, and so I went in that direction.
Q: What trends do you see shaping industrial cybersecurity in the mid-to-long-term future?
On a high level, I see three major trends shaping industrial cybersecurity over the next few years.
First is hyperconnectivity. We’re already seeing a great deal of interconnectedness between OT, IT, IoT, and IIoT assets, and that’s what’s driven the need for industrial cybersecurity in the first place. Most companies have already undergone digital transformation to a certain degree, but this process will continue over the coming years, and that’s going to require an even stronger set of security controls.
Another area to watch is behavior tracking. How do we identify and monitor malicious activity that’s carried out beyond the traditional means of network traffic patterns? For instance, if an individual comes physically close to an asset and performs an abnormal activity, companies could track that person’s footprint using Bluetooth proximity. However, that raises questions about privacy and surveillance.
Lastly, I think we’re going to see big-data analysis play a much bigger role. As we move further along with digital transformation and develop more sophisticated ways of gathering and aggregating data, there’s going to be a lot of opportunities to leverage these data lakes to develop predictive models for identifying threats.
Q: What do you enjoy most about your role as Claroty’s Director of Innovation?
My role is all about looking two or three years down the road, anticipating what challenges industrial enterprises will be encountering at that time, and developing a strategy that will put Claroty at a competitive advantage. This requires a lot of foresight, and I enjoy that challenge.
We’re only six months into having an innovation team at Claroty. Our innovation team functions as a startup within a startup that serves as an incubator for quickly coming up with new ideas and evaluating them. We’re given the ability to pursue ideas that may be considered risky, improbable, or out of the box, and if an idea is considered a failure it’s okay, because at that point we’re just brainstorming. It creates a space where it’s safe to fail.
I enjoy the challenge of looking two-to-three years down the road and seeing the next challenge we’re going to encounter. The goal is to put ourselves at a competitive advantage in the long term.
Q: What innovations have been added to The Claroty Platform because of the efforts of your team?
It’s been a fun first six months. Our first success was getting Claroty Edge into the hands of our sales team, which was released last month and is the first zero-infrastructure industrial cybersecurity solution on the market. We have other new innovations in development, so stay tuned!
Q: Tell us about how Claroty Edge came to be.
Edge came to fruition organically through our process of bouncing around ideas, testing what’s feasible, and evaluating which initiatives are worthwhile in terms of the resources required to develop them and the value they bring to our customers. In this case, Edge originated from the idea of providing customers with a quick way to view snapshots of what they have in their project files. Through our innovation-funnel process, we worked with the product team to flesh this idea out, and it evolved into a groundbreaking new way for customers to capture a complete inventory of all industrial assets—along with the vulnerabilities and risks affecting those assets—without requiring network changes, sensors, or a physical footprint.
Claroty Edge really opens up doors for enterprises with an existing industrial cybersecurity program that does not extend to certain air-gapped, physically remote, or smaller sites. It also serves as a great point of entry for enterprises at the beginning of their industrial cybersecurity journey. It’s really a game changer that’s really going to benefit a lot of use cases across a wide range of sectors, and we’re really proud to be able to offer it to our customers.
Q: What are some fun facts about you that many people may not know?
I coach high school girls basketball, am a private pilot, love boating, and I like to stay busy.