According to Claroty’s Global State of CPS Security 2024: Business Impact of Disruptions report, 73% of commercial organizations within the data center, retail and hospitality, and commercial real estate sectors experienced a cyberattack that impacted both their information technology (IT) and cyber-physical systems (CPS).
When asked about what security capabilities may have decreased the impact of these cyberattacks, commercial sector respondents noted that there are several capabilities missing from their cybersecurity program. For commercial real estate companies, having an accurate asset inventory was the most important capability they were missing that may have decreased the impact of cyberattacks their organization experienced (40%). While retail and hospitality respondents selected identity and access management (33%).
These results make it abundantly clear that commercial organizations require comprehensive visibility and business context into all of the CPS assets in their environment to combat new and emerging cybersecurity threats. However, commercial sectors have unique CPS visibility needs to consider.
In this blog, we’ll dive into the top asset visibility challenges plaguing commercial environments, and the purpose-built strategies and solutions your organization can implement to combat these challenges and meet your unique needs.
Many times, commercial environments have a variety of geographically dispersed sites that depend on a blend of CPS asset arrays such as climate control, lighting, and physical security. These CPS assets are typically an integrated part of their IT infrastructure, yet security teams may not have complete business awareness of how these assets are interconnected or what their criticality is.
This poses a significant challenge because if commercial organizations do not understand what assets they have, where they are located, what their status is, or what critical processes they underpin, they aren’t able to sufficiently protect them.
Unlike in industrial and healthcare environments, passive monitoring of network traffic to gain visibility into CPS isn’t a practical asset discovery method for most commercial verticals. That’s because passive detection requires dedicated hardware that would be too expensive and complicated to deploy in multi-site commercial environments.
The use of passive monitoring also poses a risk to commercial environments due to the unique challenge of protocol encryption. Encrypted protocols prevent passive traffic monitoring from gaining asset details that are critical for CPS cybersecurity controls.
Commercial companies require asset discovery methods that provide deep visibility without the need for hardware or configuration changes and are recommended for their unique environments.
As such, commercial organizations are challenged to find a CPS cybersecurity partner that provides the right mix of dynamic discovery methods to gain the asset details needed to ensure a deep and accurate asset inventory.
Although passive network monitoring has long been the status quo for asset discovery, commercial organizations are faced with the unique challenges we discussed above that prove they require a specialized approach. At Claroty, we understand these challenges. That’s why we’ve developed a dynamic approach to visibility that helps building operations to achieve a scalable architecture, obtain visibility in minutes, and attain a lower cost of ownership.
Claroty’s Dynamic Discovery methods provide a proactive approach to asset identification and profiling that is not solely reliant on passive monitoring of network traffic. This approach gives commercial organizations the flexibility to easily combine asset discovery techniques based on their CPS visibility needs.
Safe Queries: Safe queries provide a targeted discovery of assets in their native protocol.
Claroty Edge: Claroty Edge delivers speedy, host-based asset profiling through orchestrated queries.
Project File Analysis: Project file analysis provides asset enrichment by regularly ingesting offline configuration files.
Integrations: Integrations offer enriched visibility without any hardware or configuration changes.
Passive Monitoring: Continuous monitoring of network traffic to identify asset profiles
As commercial organizations continue to face unprecedented cybersecurity challenges in the new year, it is paramount they establish a comprehensive cybersecurity strategy, beginning with asset visibility. Claroty can get you started on your journey by providing full visibility into your asset inventory with multiple discovery methods, supported by the industry's most comprehensive library of CPS communication protocols.
To learn more about our unified CPS protection platform, get in touch with one of our experts.
Best Practices for Securing Industrial Environments, Part 4: Secure the Unknown
Interested in learning about Claroty's Cybersecurity Solutions?
