By The Claroty Team | December 20, 2021

Claroty is proud of the high-quality, educational webinar programs we delivered live this year on topics including the latest industrial cybersecurity trends, challenges, and strategies to help you minimize the risks threats pose to your environment. As the year comes to a close and we begin our work on programming for next year, we thought we’d look back at our top webinars in 2021, including our latest in Q4.
The brief recaps and links to the on-demand replays below, make it easy for you to scan for areas of interest that you may have missed previously and get up to speed quickly. Enjoy!

Going Deep to Discover Vulnerabilities and Advance Secure Software Development

Fiercely committed to strengthening OT security, Claroty’s Team82 works closely with industrial automation vendors over the course of the vulnerability lifecycle from initial research efforts, through a coordinated disclosure process, mitigation, and advancement of secure software development practices. In this session, we’ll take you through this journey that includes Claroy’s research into industrial protocols used by AVEVA products. The research discovered vulnerabilities that could have exposed systems to remote attacks resulting in code execution or server crashes. We’ll explain Team82’s research process, and showcase how a successful, coordinated, vulnerability disclosure results in a safer ecosystem for users across the industrial domain.

Ransomware: Preparation and Response for Critical Infrastructure

The escalation of attacks against industrial targets is driving security and risk decision-makers to strengthen operational resiliency and accelerate detection and response when attacks happen. In this session, panelists from Claroty, Booz Allen Hamilton, and Pfizer provide guidance on preparing for, responding to, and remediating attacks, as well as tips for building a comprehensive OT/IoT/IIoT device inventory that serves as a springboard for detection and response. Get an inside look at the risks posed by these unmanned devices and how to mitigate them.

Inside the ICS Vulnerability Landscape: Finding and Fixing Bugs

In the wake of attacks, such as those against the Oldsmar, Fla. Water treatment facility and Colonial Pipeline, the state of resilience among industrial enterprises has been exposed and industrial cybersecurity has become a priority. In this session, Chen Fradkin, Claroty Team82 researcher and author of the latest Biannual ICS Risk & Vulnerability Report: 1H 2021, shares key findings and covers a range of topics behind the numbers. Learn about trends in vulnerabilities, attack vectors, and affected products, as well as mitigation and remediation strategies and what to expect into 2022.

The Race to Native Code Execution in PLCs

Programmable logic controllers (PLCs) are a valuable target for attackers. In May, Claroty disclosed a critical memory-protection bypass vulnerability affecting Siemens S7-1200 and S7-1500 PLCs that, when exploited, could allow attackers to bypass the Siemens PLC sandbox, run code in protected areas of memory, and establish persistence on a device that would be difficult to detect and remove. Watch this webinar to learn about this discovery as well as previous work on PLC vulnerabilities and exploits, how the companies coordinated disclosure resulted in an update addressing the issues, and why coordinated disclosure is a must for vendors and researchers.

Claroty Edge: Visibility without Compromise

Introduced in June 2021, Claroty Edge is the first OT visibility tool that does not require network changes, nor does it utilize sensors, or require a physical footprint on the network. Watch this webinar to learn the instant value of a zero-infrastructure OT security solution that doesn’t burden your network with performance impacts, nor staff with a steep learning curve. See how you can gain a complete inventory of managed and unmanaged OT, IoT, and IIoT assets, while identifying and managing the vulnerability risk affecting those assets. Whether you’re just getting started with industrial security or want to see and secure devices at additional locations, Claroty Edge is a faster and easier way to meet your objectives.

The Implications of Ransomware on OT

The Colonial Pipeline ransomware attack elevated industrial cybersecurity to the mainstream when the U.S. experienced its first major shutdown of critical infrastructure due to a cyberattack in the nation’s history. Watch this session with Claroty experts, including Admiral (Ret.) Michael S. Rogers, Claroty Chairman, Board of Advisors, and gain insights, advice, and next steps for IT and OT teams. Learn what motivates cybercrime groups and why critical infrastructure can be swept up in targeted and opportunistic attacks. Come away with basic security practices that can lessen the impact of a ransomware attack, as well as important topics to follow as protecting critical infrastructure becomes a national and global priority.

Five Essential Steps for a Converged IT/OT SOC

As organizations strategize around the integration of IT and OT systems and networks, a converged SOC is becoming the focal point for visibility and incident response in both environments. Claroty and SANS experts join forces to explore the growing trend of an integrated IT/OT SOC and how to build and maintain one in order to ensure the availability, reliability, and safety of industrial processes. Watch this webinar to learn the five essential steps that have proven instrumental in optimizing the efficacy, efficiency, and implementation time of a converged SOC. Get tips on how to gain executive buy-in and an outline of the performance and total cost of ownership advantages of a converged SOC.

Oldsmar Water Attack Teaches Us About Secure Remote Access

If your staff is relying on remote-desktop sharing applications for remote connectivity, they may be unwittingly exposing your critical infrastructure to risk. Although frequently preferred for usability and cost, these insecure connections can have devastating public safety implications when compromised. Watch this session to better understand how attackers exploit their shortcomings and get valuable mitigation strategies and other recommendations to keep your critical infrastructure secure.

Understanding and Reducing Risk to Water and Wastewater Utilities

Claroty’s ICS Risk & Vulnerability Report: 2H 2020 finds that the number of water and wastewater vulnerabilities increased 54% year-over-year. Watch this session to hear from a panel of IT and governance experts on the front lines, about the top challenges to water utilities and how to best reduce risk. Rockwell and Claroty follow-up with a discussion of how their combined offerings deliver a scalable, managed solution that secures connected enterprises and critical infrastructure organizations, including water utilities.

Exploring the OPC Attack Surface

The Open Platform Communications (OPC) network protocol stack was introduced more than 25 years ago to provide vendors of OT devices with a standard way to exchange information about industrial processes. A lot has changed since then. In this session, hear from one of the authors of Claroty’s new research paper, on the implementation and security challenges for OPC’s various specifications, critical security vulnerabilities in three vendor implementations and how to obtain patch and mitigation information, as well as key considerations as OPC continues to evolve to support cloud and IoT connectivity.

How Electric Utilities Providers are Powering Up OT Security

Electric utilities often operate geographically dispersed sites and rely on a complex web of devices and systems from multiple vendors to provide redundancies to withstand failures, including from cyberattacks. In fact, studies find the energy sector experienced the largest increase in breaches between 2019 and 2020 of all sectors surveyed. Watch this session to learn how to protect these increasingly connected environments and gain visibility into OT assets to detect attacks and close exploitable vulnerabilities.

We hope you find this viewer’s guide a useful resource to help you navigate our top webinars in 2021 and catch up on important updates and information you may have missed the first time around.

We look forward to continuing our schedule of quality programming in 2022 and encourage you to check back for more webinars in the new year! Thanks for watching!