The Global State of CPS Security 2024: Business Impact of Disruptions

Get the Survey Report

SPA

FRE

ITA

POR

日本語

简体中文

繁體中文

Request a Demo

Platform

The Claroty Platform

Explore The Claroty Platform

Asset Inventory Exposure Management Network Protection Secure Access Threat Detection Operational Efficiency

Discovery Methods
Claroty Edge Passive Monitoring Safe Queries Project File Analysis Ecosystem Enrichment
Industrial

Industrial Home

Platform

Claroty xDome

Claroty xDome Secure Access

Claroty Continuous Threat Detection (CTD)

Outcomes
Cyber Resilience Operational Resilience

Verticals
Automotive Chemical Electric Utilities Food & Beverage Oil & Gas Pharmaceutical & Biotechology Transportation

Regulations
NIS2 Compliance NERC-CIP Compliance NIST Compliance SOCI Compliance ISA/IEC-62443 Compliance
Healthcare

Healthcare Home

Platform

Claroty xDome

Healthcare Secure Access

Outcomes
Cyber Resilience Operational Resilience
Commercial

Commercial Home

Platform

Claroty xDome

Claroty xDome Secure Access

Claroty Continuous Threat Detection (CTD)

Outcomes
Cyber Resilience Operational Resilience
Public Sector

Public Sector Home

Segments
U.S. Federal Government State, Local, Tribal, and Territorial (SLTT) National and International Government Government Regulatory & Policy Compliance The Federal Team
Threat Research

Team82 Home

Threat Intelligence

Vulnerability Disclosure Dashboard

Research

Talks

PGP Key
Partners

Partners

Technology Alliance Partners

Channel Partners

Managed Security Service Providers

Become a Partner

Partner Login
Resources

Resources

Blog

Reports

White Papers

Datasheets & Solution Overviews

Integration Briefs

Case Studies

On-Demand Webinars

Podcasts

Videos

Glossary

See All Resources

Featured Content

Introducing: The Claroty Platform — Securing CPS across industrial, healthcare, and all other critical sectors

Claroty Named a Strong Performer in The Forrester Wave™: Operational Technology Security Solutions, Q2 2024

Now Introducing Claroty xDome for Healthcare

Inside Claroty’s Exposure Management Capabilities for Cyber-Physical Systems

Britvic's Journey to Enhanced Asset Visibility & Risk Mitigation with Claroty
Company

About Us

Careers

Leadership

Newsroom

Trust Center

Events

Contact Us

Cyber-Physical System Security Glossary

Claroty's CPS Security Glossary includes industry terms and definitions, along with additional resources, that provide a foundational understanding of multiple components of cybersecurity.

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Search Glossary Terms:

A

Active Monitoring

Active monitoring works by sending test traffic into the network and polling endpoints with which it comes into contact. By sending packets directly to endpoints, active scanning can be faster in collecting data, but this also increases the risk of endpoint malfunction by pushing incompatible queries to them or saturating smaller networks with traffic.

Related Resources

Blog Post: 7 Ways to Improve Asset Visibility
Blog Post: Feature Spotlight: Claroty Active Queries
White Paper: Evaluation Criteria for Choosing an ICS Cybersecurity Monitoring System

Air Gapped

An air gap, air wall, or air gapping is a network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks, such as the public Internet or an unsecured local area network.

Related Resources

Blog Post: How to Better Protect Air-Gapped Federal Critical Infrastructure
Blog Post: Aerospace Cybersecurity: Protecting the Skies in the Digital Age
Report: The Journey to Cyber-Physical Systems Security

Asset Discovery

Asset discovery refers to the process of identifying all hardware, software, and XIoT assets within an organization's OT environment. You can’t protect what you can’t see, that’s why asset discovery is foundational not only to cyber resilience but to an organization’s entire CPS cybersecurity journey.

Related Resources

Blog Post: OT Asset Discovery: 5 Steps to Gain Visibility for Your Network Assets
Webinar: Product Walkthrough: Industrial Asset Discovery
Blog Post: Feature Spotlight: ICS Asset Discovery Methods

Asset Inventory

An asset inventory refers to a comprehensive list of all hardware, software, and XIoT assets within an organization’s OT environment. Having a complete asset inventory is essential in an organization’s overall CPS security strategy as it provides the foundation for identifying vulnerabilities, and implementing the proper security controls to defend against cyberthreats.

Related Resources

Blog Post: 7 Ways to Improve Asset Visibility
Blog Post: OT Asset Discovery: 5 Steps to Gain Visibility for Your Network Assets
Blog Post: Feature Spotlight: ICS Asset Discovery Methods

Asset Management

Asset management refers to the systematic process of inventorying, tracking, and managing all the physical and digital assets within an OT environment. This includes devices, systems, software, and data that are part of the industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, and other OT networks.

Related Resources

Case Studie: Connected Asset Management through Real-Time Visibility at Yale New Haven Health System
Webinar: Product Walkthrough: Industrial Asset & Change Management
Blog Post: Best Practices for Securing Industrial Environments, Part 5: Control Access

B

Building Automation Systems (BAS)

Building automation systems (BAS) are a network of connected devices that monitor and control a building's environment. BAS can include systems such as HVAC, lighting, security access and cameras, and alarms.

Related Resources

Blog Post: Extended Internet of Things (XIoT) FAQ
Blog Post: Ultimate Guide to Industrial Control Systems (ICS) Cybersecurity
Report: The Ultimate Buyer's Guide for Industrial Cybersecurity Platforms

Building Management Systems (BMS)

A building management system (BMS), which is at times also referred to as a building automation system (BAS) or building control system (BCS), is a type of cyber-physical system (CPS) designed to control, monitor, manage, and optimize various aspects of building operations.

Related Resources

Blog Post: The Power of Building Management System (BMS) Cybersecurity
Blog Post: BMS 101: Securing Healthcare Building Management Systems
Blog Post: Securing Building Management Systems to Ensure Process Integrity

C

Common Vulnerabilities and Exposures (CVE)

Common Vulnerabilities and Exposures (CVE) is a dictionary-type list of standardized names for vulnerabilities and other information related to security exposures. CVE aims to standardize the names for all publicly known vulnerabilities and security exposures.

Related Resources

Blog Post: Unlocking the Power of Risk-Based Vulnerability Management (RBVM)
Blog Post: A Comprehensive Guide to Medical Device Vulnerability Management
Blog Post: A Comprehensive Guide to Exposure Management for Cyber-Physical Systems

Configuration Management Database (CMBD)

Configuration management database (CMDB) is a database that contains all relevant information about the hardware and software components used in an organization's IT services and the relationships between those components.

Related Resources

Datasheet: Continuous Threat Detection (CTD)
Report: The Global Healthcare Cybersecurity Study 2023
Report: The Journey to Cyber-Physical Systems Security

Continuous Diagnostics Mitigation (CDM)

Continuous Diagnostics and Mitigation (CDM) is a US Federal government program that enables Federal agencies with tools, services and visualization/dashboards for securing their networks. The key goals of the program include reduced attack surface, improved response to attacks, increased visiblity into federal cybersecurity, and streamlined FISMA reporting.

Cyber Hygiene

Cyber Security Hygiene is a colloquial term referring to best practices and other activities that computer system administrators and users can undertake to improve their cybersecurity while engaging in common online activities, such as web browsing, emailing, etc.

Related Resources

Blog Post: Top 5 Best Practices for Good Cyber Hygiene
Blog Post: 5 Best Practices to Maintain a Healthy Clinical Network
Blog Post: 7 Best Practices for Effective Healthcare Cybersecurity

Cyber-Physical System Protection Platform (CPS PP)

The Cyber-Physcial Systems (CPS) Protection Platform (PP) market is defined by Gartner as “products and services that use knowledge of industrial protocols, operational/production network packets or traffic metadata, and physical process asset behavior to discover, categorize, map and protect CPS in production or mission-critical environments outside of enterprise IT environments.”

Related Resources

Report: A Non Zero-Sum Game
Webinar: Breaking Barriers: Redefining Traditional CPS Security Strategies
Page: Platform

Cyber-Physical Systems (CPS)

Cyber-physical systems are defined by Gartner as engineered systems that orchestrate sensing, computation, control, networking and analytics to interact with the physical world — resulting in improved operations, resilient, reliable systems, and a deeper understanding of the physical things they control.

Related Resources

Blog Post: The Ultimate Guide to Cyber Physical Systems (CPS) Security
Blog Post: 10 Examples of Cyber-Physical Systems
Blog Post: Gartner® Market Guide for CPS Protection Platforms

D

Deep Packet Inspection (DPI)

Deep packet inspection (DPI) is a type of data processing that inspects in detail the data being sent over a computer network and usually takes action by blocking, re-routing, or logging it accordingly. There are multiple ways to acquire packets for deep packet inspection.

Related Resources

White Paper: Why "Extreme Visibility" in Industrial Networks is No Longer Just a Nice-to-Have
Blog Post: External Threat Detection: A Story Of An Alert
Datasheet: Healthcare Threat Detection

Defense Critical Infrastructure

Defense Critical Infrastructure refers to any physical or digital system and asset that the Department of Defense (DoD) has identified as critical to its mission. Any impact to these systems will lead to incapacity or destruction and a debilitating impact on the department to project, support, and sustain military forces and operations.

Distributed Control System (DCS)

Distributed Control System (DCS) refers to a control system for a process or plant, wherein controller elements are not central in location, but are distributed throughout the system with each component sub-system controlled by one or more controllers. Each controller operates independently of others, but is interconnected with the rest through a high-speed communication network. The primary purpose of a DCS is to control complex, large, and geographically distributed applications in industrial processes.

Related Resources

Blog Post: Ultimate Guide to Industrial Control Systems (ICS) Cybersecurity
Blog Post: IIoT 101: Guide to the Industrial Internet of Things
Blog Post: Securing the Backbone: Critical Infrastructure Cybersecurity

DoD Risk Management Framework

The DoD Risk Management Framework (RMF) is a set of guidelines that the U.S. Department of Defense (DoD) has designed and implemented to manage information security risks in the Department's systems. This framework provides a structured, flexible process for managing the security and privacy risks associated with the operation and use of information systems and technology by identifying and assessing risks, implementing appropriate security controls to mitigate them, and continuously monitoring and improving information security.

DoD Zero Trust Reference Architecture

The DoD Zero Trust Reference Architecture is a prescriptive architecture to enable the DoD to secure and defend their information and OT systems within the JIE and DoDIN, including defense critical infrastructure (DCI) against malicious cyber activity including advanced attacks. The goals are to detect, deter, deny, defend and recover from malicious cyber activity and to have a scalable, resilient, auditable and defendable framework that can be used across DoD DCI, data, applications, assets and services (DAAS). Rolled out in phases, it begins with 91 Target levels for adoption by 30 September 2027, and is followed by Advanced levels that DoD branches must meet.

Related Resources

Blog Post: Five Ways to Overcome Challenges Securing OT systems with the DoD ZTRA
Datasheet: Mapping to the DoD Zero Trust Reference Architecture

E

Exposure Management

The term exposure refers to the state of being susceptible to potential cyber attacks due to vulnerabilities or weaknesses within an organization's CPS environment. Due to a growing attack surface, critical infrastructure organizations have been left with various points of exposure that an adversary can exploit. These entry points may lead to an attacker gaining unauthorized access, disrupting essential services, or causing various other forms of harm.

Related Resources

Blog Post: A Comprehensive Guide to Exposure Management for Cyber-Physical Systems
Blog Post: How Health Delivery Organizations Can Approach Exposure Management
Blog Post: Inside Claroty's Enterprise Management Console (EMC)

Extended Internet of Things (XIoT)

The XIoT refers to all connected assets that underpin cyber-physical systems (CPS) in industrial, healthcare, and commercial environments. It has emerged as a side effect of digital transformation and, thus, has escalated interconnectivity between the internet and assets that control physical processes.

Related Resources

Blog Post: Extended Internet of Things (XIoT) FAQ
Blog Post: The Healthcare XIoT: Key Concepts to Understand
Blog Post: How XIoT Cybersecurity Enables Your Business

F

Facility-Related Control System (FRCS)

Facility-Related Control System (FRCS) refers to the control systems that enable essential utilities, including humidity control, fire protection, temperature, electrical, mechanical, etc, the controlling devices for these systems, and standard IT that work together to achieve an objective. FRCS cybersecurity refers to protecting these access controls from bad actors seeking to exploit this system, resulting in blocking the objective. Examples include providing heating and cooling and maintaining a specific pressure or temperature.

Flyaway (Expeditionary) Kits

Known by the names of Hunt kits, Assessment kits, DCO kits, Flyaway kits, SOC in a Box, Expeditionary kits and Mobile Air Cyber Kits, these mobile, modular kits with small form factors are meant to enable operators to assess DoD networks for cybersecurity weaknesses or gaps. They contain hardware and software outfitted to meet the specific operational teams' goals to set up and conduct their cyber missions, provide feedback to reduce the attack surface and then re-deploy swiftly to the next site. The value is to reduce the need for in-field experts by flying in experts short-term to provide a swift, thorough and insightful analysis while still ensuring the utmost protection of the Federal networks they analyze.

H

Healthcare Cybersecurity

Healthcare cybersecurity refers to the protection of sensitive patient data, medical devices and assets, and other critical healthcare infrastructure from cyberattacks. Healthcare cybersecurity is critical to ensuring the availability of medical services, efficient operation of medical systems and equipment, and compliance with industry regulations for the safety and privacy of patients.

Related Resources

Report: The Ultimate Buyer's Guide for Healthcare Cybersecurity Platforms
Report: The Global Healthcare Cybersecurity Study 2023
Blog Post: The Healthcare XIoT: Key Concepts to Understand

Healthcare Delivery Organizations (HDOs)

Healthcare Delivery Organizations (HDOs) are institutions or systems that provide medical services, care, or treatments. They can encompass a variety of facilities including hospitals, clinics, rehabilitation centers, and specialized care providers.

Related Resources

Blog Post: How Health Delivery Organizations Can Approach Exposure Management
Blog Post: The Change Healthcare Cyber Attack: What It Means for Your Healthcare Delivery Organization
Blog Post: The Healthcare XIoT: Key Concepts to Understand

Human Machine Interface (HMI)

Human Machine Interface (HMI) is a user interface or dashboard that connects a person to a machine, system, or device. While the term can technically be applied to any screen that allows a user to interact with a device, HMI is most commonly used in the context of an industrial process.

Related Resources

Report: An Open Door
Webinar: Team82: A Simulation of an Industrial OT Attack
Blog Post: The Ultimate Guide to Cyber Physical Systems (CPS) Security

I

Indicators of Compromise (IoCs)

Indicators of Compromise (IoCs) is forensic evidence of potential intrusions on a host system or network.

Related Resources

Blog Post: External Threat Detection: A Story Of An Alert
Blog Post: Addressing Hospital Risk Management With Advanced Anomaly & Threat Detection
Blog Post: Overcoming Barriers to Effective OT Alert Management

Industrial Control Systems (ICS)

Industrial control systems can be defined as a collection of hardware and software systems, networks, and controls that are designed to monitor, control, operate, and/or automate industrial processes. These systems are present in various different critical infrastructure industries including chemical, electric, oil & gas, manufacturing, transportation, and more.

Related Resources

Blog Post: Ultimate Guide to Industrial Control Systems (ICS) Cybersecurity
Blog Post: ICS Security: The Purdue Model
White Paper: Claroty Support for the MITRE ATT&CK for ICS Framework

Industrial Cybersecurity

Industrial cybersecurity refers to the protection of critical infrastructure, including manufacturing plants, power grids, chemical plants, and other industrial control systems (ICS) from cyber attacks. Industrial cybersecurity is critical because an attack can have severe consequences such as production downtime, physical damage, environmental damage, or even in extreme cases, loss of life.

Related Resources

Blog Post: Global Industrial Cybersecurity Study Reveals Challenges and Priorities Amid Persistent Ransomware Threats
Blog Post: Ultimate Guide to Industrial Control Systems (ICS) Cybersecurity
Blog Post: Industrial Risk Management 101

Industrial Internet of Things (IIoT)

The concept of the IIoT involves connecting sensors, instruments, and devices, within settings like manufacturing and energy management. Unlike the IoT, which focuses on consumers, the IIoT emphasizes improving efficiency facilitating machine-to-machine communication (M2M), and automating industrial processes. By incorporating analytics, artificial intelligence, and real-time data collection, the IIoT enables industries to achieve levels of productivity, performance, and predictive maintenance.

Related Resources

Blog Post: IIoT 101: Guide to the Industrial Internet of Things
Blog Post: IIoT Security: 5 Essential Steps to Secure your IoT Devices and OS
Blog Post: Global Industrial Cybersecurity Study Reveals Challenges and Priorities Amid Persistent Ransomware Threats

Information Technology (IT)

IT involves the use of computer systems and devices to process, manage, protect, and exchange information. The major responsibility of IT systems is to manage the data and information used to support business operations. Examples of IT systems include servers, computers, software applications, databases, and other resources used for communication, data and information storage, and/or analysis.

Related Resources

Blog Post: IT vs OT Security: Key Differences In Cybersecurity
White Paper: The Critical Convergence of IT and OT Security in a Global Crisis
Blog Post: Key Limitations of IT-Centric Remote Access Solutions in OT

Internet of Battlefield Things

The Internet of Battlefield Things (IoBT) is a network of interconnected devices that connects soldiers with smart technology with the goal of improving efficiency, decision making, and enhancing military operations. The connected devices are key to sharing critical real-time information.

Internet of Medical Things (IoMT)

IoMT encompasses various wearable devices such as smartwatches that can track health metrics, remote patient monitoring such as blood glucose monitors or ECG machines, and medical imaging systems such as MRI machines or CT scanners. The data collected from IoMT devices can be used to improve patient outcomes, enhance the efficiency of healthcare delivery, and enable remote patient monitoring and telemedicine services.

Related Resources

Blog Post: IoMT 101: Guide to Internet of Medical Things Security
Webinar: An Integrated Approach to IoMT and Endpoint Security with Crowdstrike and Torrance Memorial
Report: The Ultimate Buyer's Guide for Healthcare Cybersecurity Platforms

Internet of Military Things

Internet of Military Things refers to the complex network of interconnected devices used for combat operations and warfare.

Internet of Things (IoT)

The Internet of things (IoT) is a system of interrelated computing devices, mechanical and digital machines provided with unique identifiers (UIDs) and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.

Related Resources

Blog Post: Medigate by Claroty Wins Best in KLAS for Healthcare IoT Security - Four Years in a Row
Blog Post: Complete Guide: Securing Healthcare IoT Devices
Blog Post: IIoT Security: 5 Essential Steps to Secure your IoT Devices and OS

M

Management of Change (MOC)

Management of Change (MOC) is a practice used to ensure that safety and environmental risks are controlled when a company makes changes in their organization.

Related Resources

Blog Post: Top Strategies for OT Security Risk Management
White Paper: Cyber Risk Management for Cyber-Physical Systems (CPS)
Blog Post: Medical Device Risk Management: Protecting Patient Care

Medical Device Security

Medical device security refers to the protection of medical devices and healthcare systems from cyberthreats. Due to IT/OT convergence, medical devices have become increasingly interconnected. Medical device security is critical for ensuring the safety and privacy of patients, protecting against threats, and ensuring the uninterrupted operation of medical devices and healthcare systems.

Related Resources

Blog Post: State of Medical Device Security: Cyber Risks and Solutions
Blog Post: Top 5 Reasons You Need a Device Security Partner
Blog Post: Medical Device Cybersecurity: HHS 405(d) Best Practices Update

N

Network Protection

Network protection refers to the strategies, activities, and measures designed to safeguard a network, the connected devices, as well as the network connectivity itself from threats and attacks. These threats could be from various sources such as hackers, viruses, malware, spyware, spam distribution, intrusion attempts, and unauthorized access.

Related Resources

Webinar: Product Walkthrough: Industrial Network Protection
White Paper: Implementing Zero Trust for Industrial Environments

Network Segmentation

Network Segmentation is an approach to technology network architecture that divides a network into multiple sub-networks that can be managed and secured separately. Effective network segmentation significantly limits the ability of threat actors.

Related Resources

Blog Post: How to Accelerate OT Industrial Network Segmentation
Blog Post: How to Accelerate Network Segmentation in DoD Networks
Webinar: Strategies for Effective Medical Device Segmentation: Insights from Bayhealth

O

Operational Efficiency

Operational efficiency in healthcare refers to the effectiveness and competency in which a healthcare delivery organization (HDO) optimizes their resources and processes to deliver high-quality services to patients in a timely, cost-effective manner. It involves improving patient satisfaction, utilizing technologies effectively, reducing waste, streamlining processes, coordination among staff, and making data-driven decisions.

Related Resources

Datasheet: Clinical Device Efficiency
Webinar: Product Walkthrough: Healthcare Operational Intelligence
Report: KLAS Healthcare IoT Security 2024

Operational Technology (OT)

OT is responsible for managing and controlling physical devices that are typically involved in the production or delivery of goods and services. Examples of OT systems include industrial control systems (ICS), sensors, robotics, and others used in critical infrastructure industries.

Related Resources

Blog Post: IT vs OT Security: Key Differences In Cybersecurity
Blog Post: Claroty Named a Strong Performer in Forrester Wave for Operational Technology Security Solutions, Q2 2024
Blog Post: OT Asset Discovery: 5 Steps to Gain Visibility for Your Network Assets

OT Cybersecurity

Operational Technology (OT) cybersecurity refers to the practices, technologies, and processes designed to protect industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other OT environments from cyber threats and attacks. OT cybersecurity aims to ensure the safe, secure, and reliable operation of critical infrastructure and industrial processes.

Related Resources

Blog Post: IT vs OT Security: Key Differences In Cybersecurity
Blog Post: IoT Cybersecurity Improvement Act in Critical Infrastructure Companies
Blog Post: CISO Series: OT Security Best Practices and Recommendations

P

Passive Monitoring

Passive monitoring silently analyzes network traffic through a span port or tap to identify endpoints and traffic patterns. It creates no additional network traffic and has virtually no risk of disrupting critical processes by interacting directly with endpoints. However, passive monitoring can take more time to collect asset data as it must wait for network traffic to be generated to or from each asset to create a complete baseline profile.

Related Resources

Report: A Non Zero-Sum Game
White Paper: Evaluation Criteria for Choosing an ICS Cybersecurity Monitoring System
Page: Passive Monitoring - Platform

Programmable Logic Controller (PLC)

A programmable logic controller (PLC) or programmable controller is an industrial digital computer which has been ruggedized and adapted for the control of manufacturing processes, such as assembly lines, or robotic devices, or any activity that requires high reliability control and ease of programming and process fault diagnosis.

Related Resources

Blog Post: Manufacturing Cybersecurity: Challenges, Best Practices & Solutions
Blog Post: Next-Gen Defense: Cybersecurity in Smart Manufacturing
Blog Post: IIoT 101: Guide to the Industrial Internet of Things

Purdue Model

The Purdue Model was designed as a reference model for data flows in computer-integrated manufacturing (CIM). CIM is a manufacturing approach of using computers to control the entire production process — allowing operations to be faster and less error-prone. This model later came to define the standard for building an ICS network architecture that supports OT security by separating the layers of the network.

Related Resources

Blog Post: ICS Security: The Purdue Model
Blog Post: How to Accelerate OT Industrial Network Segmentation
Blog Post: Feature Spotlight: Claroty Virtual Zones

R

Ransomware as a Service (RaaS)

Ransomware as a Service (RaaS) is a subscription-based model that sells or rents predeveloped ransomware tools to buyers, called ransomware affiliates, to execute ransomware attacks.

Related Resources

Blog Post: Cyber Attack Overview: JBS Foods Ransomware Incident
Blog Post: Cyber Attack Overview: Colonial Pipeline Ransomware Incident
Blog Post: Global Industrial Cybersecurity Study Reveals Challenges and Priorities Amid Persistent Ransomware Threats

Remote Access

Remote access allows employees, contractors, and vendors of critical infrastructure organizations to remotely connect to the assets and systems that underpin their OT environment. As a result, these personnel are able to monitor, control, maintain, and troubleshoot equipment and processes without being on-premise at the facility.

Related Resources

Blog Post: The Ultimate Guide to OT Secure Remote Access
White Paper: Optimizing OT Remote Access for Third-Party Vendors with Claroty xDome Secure Access
Blog Post: Identifying Risks in Third-Party OT Remote Access

Remote Privileged Access Management (RPAM)

According to Gartner, “RPAM tools enable access for remote privileged users through session brokering, credential injection/vaulting and strong authentication capabilities, which mitigate many of the risks of unmanaged devices employed by those users. The tools also enable alignment with zero-trust architectures, because there is no implicit trust in corporate networks or endpoint devices.

Related Resources

Blog Post: Remote Privileged Access Management (RPAM) for OT Environments
Blog Post: Essentials of Zero Trust Adoption & Secure Access
Webinar: Zero Trust Meets Privileged Access for Enhanced Operational Resilience

Risk Management

Risk management refers to the process of identifying, assessing, and mitigating risks associated with hardware, software, and XIoT assets within an organization’s OT environment. Having an effective OT security risk management strategy begins with successfully identifying, assessing, and mitigating potential risks and vulnerabilities that can impact business objectives and operations.

Related Resources

Blog Post: Top Strategies for OT Security Risk Management
Blog Post: Unlocking the Power of Risk-Based Vulnerability Management (RBVM)
Blog Post: Medical Device Risk Management: Protecting Patient Care

S

Secure Access

The comprehensive strategies and technologies designed to ensure that only authorized users, devices, and systems can access certain resources, such as networks, applications, and data. This involves a combination of various security measures to prevent unauthorized access, protect sensitive information, and maintain the integrity and availability of systems.

Related Resources

Case Studie: xDome Secure Access Success Stories
White Paper: Optimizing OT Remote Access for Third-Party Vendors with Claroty xDome Secure Access
Blog Post: Essentials of Zero Trust Adoption & Secure Access

Security Information Event Management (SIEM)

Security information and event management (SIEM) combines Security Information Management (SIM) and Security Event Management (SEM) which provide real-time analysis of security alerts generated by applications and network hardware.

Related Resources

Datasheet: Choosing Vendors For Your Cyber Physical System (CPS) Security Ecosystem
Blog Post: CISO Series: Why Integrations Matter When Picking an OT Security Provider
Datasheet: Continuous Threat Detection (CTD)

Security Operations Center (SOC)

Security Operations Center (SOC) is an organized and highly skilled team whose mission is to continuously monitor and improve an organization's security posture while preventing, detecting, analyzing, and responding to cyber security incidents with the aid of both technology and well-defined processes and procedures.

Related Resources

White Paper: Five Essential Steps for a Converged IT/OT SOC
Datasheet: Common Healthcare SOC Team Challenges
Report: The Journey to Cyber-Physical Systems Security

Supervisory Control and Data Acquisition (SCADA)

Supervisory Control and Data Acquisition (SCADA) is a computer system for gathering and analyzing real time data. They are used to monitor and control a plant or equipment in industries such as telecommunications, water and waste control, energy, oil and gas refining, and transportation.

Related Resources

Blog Post: A Comprehensive Guide to SCADA Cybersecurity
Blog Post: SCADA Risk Management: Protecting Critical Infrastructure
Blog Post: ICS/SCADA Vulnerability Management: Proactive Strategies for Cyber Resilience

T

Third-Party Risk (Healthcare)

Third-party risk involves identifying, evaluating, and controlling risk associated with third parties, such as vendors, medical device manufacturers, and contractors. Protecting your organization from third-party risk includes limiting access third-parties have to devices and assets, enabling controls, and establishing safeguards.

Related Resources

Blog Post: Medical Device Risk Management: Protecting Patient Care
Blog Post: 6 Considerations to Strengthen Risk Management in Healthcare

Third-Party Risk (Industrial)

Third-party risk in industrial environments encompasses risks including cybersecurity vulnerabilities, inconsistent security practices, operational disruptions, compliance issues, and the challenge of maintaining visibility and control. These risks stem from external vendors employing IT-centric tools that are ill-suited for the specific demands of OT systems, potentially leading to increased vulnerabilities and disruptions in critical infrastructure operations.

Related Resources

Blog Post: 4 Examples of Why Industrial Remote Access is Necessary
Blog Post: Introducing Claroty xDome Secure Access: Delivering Secure Access to All of Your Cyber-Physical Systems
Blog Post: Identifying Risks in Third-Party OT Remote Access

Threat Detection

Threat detection refers to the process of identifying potential security threats and vulnerabilities in an organization’s systems and networks. Effective threat detection requires a proactive approach to cybersecurity, which involves continuous monitoring and analysis of system and network activity.

Related Resources

Datasheet: 4 Keys to Success For Threat Detection in Healthcare
Webinar: Product Walkthrough: Industrial Threat Detection
Blog Post: External Threat Detection: A Story Of An Alert

V

Visibility Orchestration

Visibility Orchestration simplifies the process of developing an accurate asset inventory by bringing transparency, simplicity, and automation to achieve the right level visibility quality, balancing with an organization's environmental, operational, and risk tolerance constraints. By abstracting the technical nuance and leveraging copilot machine learning techniques, visibility orchestration enable the most accurate results in the shortest amount of time and simplifies the deployment of those techniques.

Related Resources

Report: A Non Zero-Sum Game
Webinar: Breaking Barriers: Redefining Traditional CPS Security Strategies

Vulnerability Management

The cyclical, ongoing process of identifying, assessing, reporting on, and mitigating security vulnerabilities present within assets and devices. Vulnerabilities may either be mitigated by implementing patches or compensating controls. Since mitigating all vulnerabilities present in a given environment is virtually impossible, effective prioritization is key to effective vulnerability management.

Related Resources

Blog Post: A Comprehensive Guide to Medical Device Vulnerability Management
Blog Post: ICS/SCADA Vulnerability Management: Proactive Strategies for Cyber Resilience
Blog Post: Unlocking the Power of Risk-Based Vulnerability Management (RBVM)

Z

Zero Trust

Also known as perimeterless security, Zero Trust architecture emerged as an alternative to the perimeter-based security model, which was quickly rendered outdated as digital transformation and remote access were widely adopted across virtually all sectors. While Zero Trust originally pertained mainly to IT assets, the rapid digitization of operational technology (OT), medical devices, and other cyber-physical systems have made Zero Trust a fundamental best practice for securing the Extended Internet of Things (XIoT).

Related Resources

Blog Post: Essentials of Zero Trust Adoption & Secure Access
White Paper: Implementing Zero Trust for Industrial Environments
White Paper: What is Clinical Zero Trust in Healthcare?

Zero-Day Attack

Zero-day is a flaw in software, hardware or firmware that is unknown to the party or parties responsible for patching or otherwise fixing the flaw. The term zero day may refer to the vulnerability itself, or an attack that has zero days between the time the vulnerability is discovered and the first attack.

Related Resources

Blog Post: ICS/SCADA Vulnerability Management: Proactive Strategies for Cyber Resilience
Blog Post: A Comprehensive Guide to Medical Device Vulnerability Management
Blog Post: Unlocking the Power of Risk-Based Vulnerability Management (RBVM)

Claroty Demo

Want to learn more about how the Claroty Platform can empower your CPS cybersecurity journey?

Request a Demo