New Research from Claroty's Team82 Highlights Remote Access Risks Facing Mission-Critical OT Assets
Wednesday, May 29, 2024
Claroty Bolsters Secure Access Solution to Enable Safe Operations for Cyber-Physical Systems
NEW YORK, May 21, 2024 /PRNewswire/ -- Claroty, the cyber-physical systems (CPS) protection company, today announced new proprietary data revealing that 13% of the most mission-critical operational technology (OT) assets have an insecure internet connection, and 36% of those contain at least one Known Exploited Vulnerability (KEV), making them both remotely accessible and readily exploitable entry points for threat actors to disrupt operations. To address these risks fueled by the growing adoption of remote access technologies in CPS environments, Claroty today launched its newly enhanced Claroty xDome Secure Access (formerly Claroty Secure Remote Access). The solution balances frictionless access and secure control over interactions to CPS, thereby enhancing productivity, reducing complexities and risk, and ensuring compliance across first- and third-party users.
According to Gartner, "While CPS technologies (often interchangeably called OT/IoT/IIoT/ICS/IACS/SCADA, etc.) that support production or mission-critical processes were initially deployed in isolation, they have become increasingly connected to each other and to enterprise systems. In addition, organizations now need OEMs, contractors and employees to operate, maintain and update them from afar."(1)
To shed light on the security implications of this increased connectivity, Claroty's award-winning research group Team82 analyzed a sample of over 125,000 OT assets, their internet connection, and exploitability. Key findings include:
-- 3.7% of all OT assets have an insecure internet connection, meaning they communicate with the internet generally, excluding unidirectional, manufacturer, and endpoint security communications, allowing attackers to easily scan the IP address space to find and attempt to access them remotely.
-- 13% of engineering workstations (EWS) and human-machine interfaces (HMIs) have an insecure internet connection. These linchpin assets are used to monitor, control, and update production systems, and because they can connect up and down the Purdue Model architecture for ICS and in some cases to the enterprise IT network, attackers can use them as an initial foothold for lateral movement.
-- 36% of insecurely internet-connected EWS and HMIs contain at least one KEV. The combination of high criticality, high exposure, and high exploitability makes these assets prime targets for threat actors seeking to maximize operational disruption.
_______________________
(1) Gartner, Innovation Insight: CPS Secure Remote Access Solutions, Katell Thielemann, Abhyuday Data, Wam Voster, 18 April 2024. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
"Our research supports the notion that increased remote access translates to an expanding attack surface and greater risk of disruption to critical infrastructure, which can ultimately impact public safety and the availability of vital services," said Amir Preminger, vice president of research for Claroty's Team82. "As remote access to mission-critical OT assets such as EWS and HMIs is now the standard operating approach, organizations must ensure they are equipped to grant access to specific assets intentionally and on a least-privileged basis."
Learn more about Team82's findings in the report, "An Open Door."
Balancing Frictionless Access and Secure Control
Per Gartner, "While [operating, maintaining, and updating CPS from afar] was historically done with VPN and jump-server-based approaches, these have proven increasingly unsecure and complex to manage. VPN vulnerabilities have multiplied in recent years, leading to exploitation and emergency directives such as CISA's ED-24-01. In addition, most VPNs provide broad network access, and efforts to restrict this broad access at a more granular level leads to complex and costly oversight."(2)
To address the unique and complex security challenges posed by the rise in CPS remote access, Claroty's xDome Secure Access solution is purpose-built for the specific needs of the OT domain. It operationalizes the right balance between frictionless access and secure control over third-party interactions with CPS, thereby enhancing productivity, reducing complexities and risk, and ensuring compliance across first- and third-party users. By integrating foundational security principles such as Identity Governance and Administration (IGA), Privileged Access Management (PAM), and Zero Trust Network Access (ZTNA), Claroty xDome Secure Access sets new standards for resilience and operational excellence in the CPS landscape.
Key benefits include:
-- Increase productivity: Seamless access for both first- and third-party users effectively reduces Mean Time to Repair (MTTR) by facilitating quicker issue resolution, operating under low bandwidth conditions, ensuring high system availability, and upholding critical site survivability.
-- Reduce risk: The solution incorporates a tailored Zero Trust framework, PAM capabilities, and IGA functionality to enhance incident management, access controls, and system monitoring, ultimately minimizing risks and safeguarding critical assets, so organizations can manage and govern the entire identity lifecycle, from initiation to retirement, with the utmost precision and security.
-- Reduce complexity: Significantly reduce administrative complexity with a scalable, cloud-managed architecture that offers the flexibility to operate seamlessly both on-premises and in the cloud. The solution also simplifies administrative tasks that require constant operational control by integrating seamlessly with Identity and Access Management (IAM) tools, enhancing identity management, and enabling centralized site management and policy creation.
-- Maintain compliance: The solution adheres to key compliance standards and provides the necessary controls for real-time logging and auditing of user identities, which is crucial for maintaining comprehensive audit trails and meeting regulatory requirements, protecting your organization against potential legal and financial penalties.
_________________________
(2) Gartner, Innovation Insight: CPS Secure Remote Access Solutions, Katell Thielemann, Abhyuday Data, Wam Voster, 18 April 2024.
"Frictionless access to industrial CPS assets is essential to maximize business outcomes, yet many OT assets were historically insecure by design. Safe and secure CPS access requires precise access management, identity management, privileged access, and identity governance capabilities - all built for the exacting operational requirements, environmental constraints, and risk tolerances unique to OT environments. Every access to an OT asset is privileged access by definition as they have the potential to impact safety and availability," said Grant Geyer, chief product officer at Claroty. "Claroty xDome Secure Access not only provides frictionless access to maximize productivity, it also does so with built-in security that is invisible to the operator which is crucial for safeguarding critical infrastructure."
To learn more about Claroty xDome Secure Access:
-- Read the Claroty xDome Secure Access solution overview or the Claroty blog
-- Register for the webinar, "Zero Trust Meets Privileged Access for Enhanced Operational Resilience," on June 13, 2024 at 11:00 a.m. EDT
About Claroty
Claroty empowers organizations to secure cyber-physical systems across industrial, healthcare, commercial, and public sector environments: the Extended Internet of Things (XIoT). The company's unified platform integrates with customers' existing infrastructure to provide a full range of controls for visibility, exposure management, network protection, threat detection, and secure access. Backed by the world's largest investment firms and industrial automation vendors, Claroty is deployed by hundreds of organizations at thousands of sites globally. The company is headquartered in New York City and has a presence in Europe, Asia-Pacific, and Latin America. To learn more, visit claroty.com.
View original content to download multimedia: https://www.prnewswire.com/news-releases/new-research-from-clarotys-team82-highlights-remote-access-risks-facing-mission-critical-ot-assets-302151081.html
SOURCE Claroty