-
Industrial
- Healthcare
-
Commercial
- Public Sector
- Threat Research
- Partners
-
Resources
Featured Content
- Company
Blog / 5 min read
One thing security leaders have struggled with against the C-suite is the perception that security is a cost center. This rationale isn’t the same barrier it was a decade ago, given the rash of breaches and regulatory progress made in the industry since then, but in some cases, that mentality still hampers some IT investments in cybersecurity. The hyperconnected world we live in today has introduced new urgency to removing this barrier.
Most experts agree that over the past two years, COVID has accelerated digital transformation significantly—by five to 10 years—as has the convergence of highly connected cyber-physical systems that we increasingly depend on in commercial, industrial, and healthcare environments. This will only accelerate as our reliance on online access to physical systems for greater automation, control, efficiency, and convenience continues to grow. Various forms of operational technology (OT)—from industrial control systems (ICS) to connected medical devices to building management systems (BMS)—have grown increasingly interconnected with other assets, driving the rise of the Extended Internet of Things (XIoT) across industrial, medical, and commercial environments. In this ever-expanding universe of the XIoT, new attack vectors emerge because many of these systems were not designed to co-exist seamlessly.
Despite the many advantages of digital transformation and the XIoT, these developments also result in a vastly larger attack surface that gives cyber threat actors far more entry points into these types of networks and the critical systems and assets that underpin them. Indeed, the attacks against the Oldsmar, FL water treatment facility, Colonial Pipeline, JBS Foods, and Eskenazi Health are among the many examples we’ve all heard about in the news. Yet, winning over those who sign purchase orders with scary stories remains a non-starter. Like their predecessors, leaders inside industrial enterprises must instead learn to convince executives that cybersecurity is an enabler.
The more important converged cyber-physical systems are to your business, the more essential effective XIoT cybersecurity is to the success of your operations. It can enable your business in these three valuable ways:
For organizations whose cyber-physical interconnectivity is the lifeblood of their business, revenue is generated and customers’ lives are improved when those XIoT systems and devices are up and running. Any risk that threatens availability and uptime can have significant financial impact when assets must be shut down and restarted. Attacks can also be devised to put product delivery at risk, creating changes in a product that aren’t desirable in many, different ways, such as tampering with machinery to change recipes, or contaminating water supplies used in the production process. Finally, and most importantly, OT environments often include safety systems to protect people inside or near the facility in case of machinery malfunctions. A compromise to these systems could have devastating effects on the lives of workers, their families and local communities.
Action: The OT network has been a blind spot for IT security professionals for decades, but now the urgency is escalating to drive visibility, continuity, and resiliency across the ever-expanding XIoT as most of this connectivity isn’t created intentionally or even knowingly. Because most critical infrastructure environments have no modern security controls you have an opportunity to design a security program from scratch – without having to worry about existing security technology. You can prioritize the most important use cases and focus on gaining full visibility into your XIoT environment. With granular details of all XIoT assets, processes, and connectivity paths in your network, as well as definitive insight into what normal looks like, you can identify threats in the network to mitigate risk and assure continued operations of critical processes.
Connecting cyber-physical systems across the XIoT environment for automation and inputs has unlocked tremendous business value—enabling improvements in operations efficiencies, performance, and quality of service. However, it has also increased risk. The full scope and impact of the SolarWinds attack, and supply chain attacks that take advantage of the highly sophisticated and prevalent Apache Log4j vulnerabilities, likely won’t be realized for quite some time. Vulnerabilities in pervasive applications like Java create pathways for threat actors to compromise all types of cyber-physical systems and connected XIoT assets and, ultimately, put our lives and livelihoods at risk. Unfortunately, many enterprises are finding that accurately identifying—much less reducing—risk in their XIoT environments is exceedingly complex and resource-intensive largely due to fundamental differences between OT and IT.
Action: As a security professional, chances are you’ve worked hard and made strategic investments to build a strong cybersecurity foundation on the IT side to support your company’s digital initiatives. Now you have an opportunity to do the same on the OT side by using the differences between OT and IT networks to your advantage. OT network traffic provides all the security information you need to monitor for threats – the software version assets are running, firmware, serial numbers, and more. Taking advantage of this, The Claroty Platform combines all the core cybersecurity capabilities for all cyber-physical systems in industrial, healthcare, and commercial environments in one agentless solution that you can quickly implement to reveal, protect, and manage all of your XIoT assets.
Many, if not most, companies had no choice but to rapidly shift to remote work at the start of the pandemic, but it has since become the norm. These conditions have fueled unprecedented — and sustained — adoption of often-poorly secured remote access technologies, increasing connectivity between companies’ critical corporate and/or OT networks, their remote employees’ and third-party vendors’ devices, and the open internet. The attack of the water treatment facility in Florida demonstrated that adversaries are leveraging unsecure connections to gain unauthorized access to critical infrastructure. However, OT remote access isn’t just about security. OT engineers need to frictionless, reliable access to accelerate mean time to repair and mitigate the risks associated with asset issues and maintenance.
Action: As every organization has reduced staff on site, the need to safeguard OT networks from threats introduced via unmanaged and unmonitored access by remote users, and minimize delays in repairs that can increase exposure to risk, is a “must have.” Consider Claroty Secure Remote Access (SRA), a core component of the Claroty Platform, that delivers frictionless, reliable, and highly secure access to OT environments.
