WebsiteGear Logo Log In
New User? Sign Up
About | Contact | FAQ
  Home News Web Hosting Domain Name Industry Monday, June 24, 2024 
Add Press Release News | News Feeds Feeds | Email This News Email

New Research from Claroty's Team82 Highlights Remote Access Risks Facing Mission-Critical OT Assets
Wednesday, May 29, 2024

Claroty Bolsters Secure Access Solution to Enable Safe Operations for Cyber-Physical Systems

NEW YORK, May 21, 2024 /PRNewswire/ -- Claroty, the cyber-physical systems (CPS) protection company, today announced new proprietary data revealing that 13% of the most mission-critical operational technology (OT) assets have an insecure internet connection, and 36% of those contain at least one Known Exploited Vulnerability (KEV), making them both remotely accessible and readily exploitable entry points for threat actors to disrupt operations. To address these risks fueled by the growing adoption of remote access technologies in CPS environments, Claroty today launched its newly enhanced Claroty xDome Secure Access (formerly Claroty Secure Remote Access). The solution balances frictionless access and secure control over interactions to CPS, thereby enhancing productivity, reducing complexities and risk, and ensuring compliance across first- and third-party users.

According to Gartner, "While CPS technologies (often interchangeably called OT/IoT/IIoT/ICS/IACS/SCADA, etc.) that support production or mission-critical processes were initially deployed in isolation, they have become increasingly connected to each other and to enterprise systems. In addition, organizations now need OEMs, contractors and employees to operate, maintain and update them from afar."((1))

To shed light on the security implications of this increased connectivity, Claroty's award-winning research group Team82 analyzed a sample of over 125,000 OT assets, their internet connection, and exploitability. Key findings include:

    --  3.7% of all OT assets have an insecure internet connection, meaning they
        communicate with the internet generally, excluding unidirectional,
        manufacturer, and endpoint security communications, allowing attackers
        to easily scan the IP address space to find and attempt to access them
    --  13% of engineering workstations (EWS) and human-machine interfaces
        (HMIs) have an insecure internet connection. These linchpin assets are
        used to monitor, control, and update production systems, and because
        they can connect up and down the Purdue Model architecture for ICS and
        in some cases to the enterprise IT network, attackers can use them as an
        initial foothold for lateral movement.
    --  36% of insecurely internet-connected EWS and HMIs contain at least one
        KEV. The combination of high criticality, high exposure, and high
        exploitability makes these assets prime targets for threat actors
        seeking to maximize operational disruption.


             Gartner, Innovation Insight: CPS Secure Remote Access Solutions, Katell Thielemann, Abhyuday Data, Wam Voster, 18 April 2024. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

"Our research supports the notion that increased remote access translates to an expanding attack surface and greater risk of disruption to critical infrastructure, which can ultimately impact public safety and the availability of vital services," said Amir Preminger, vice president of research for Claroty's Team82. "As remote access to mission-critical OT assets such as EWS and HMIs is now the standard operating approach, organizations must ensure they are equipped to grant access to specific assets intentionally and on a least-privileged basis."

Learn more about Team82's findings in the report, "An Open Door."

Balancing Frictionless Access and Secure Control

Per Gartner, "While [operating, maintaining, and updating CPS from afar] was historically done with VPN and jump-server-based approaches, these have proven increasingly unsecure and complex to manage. VPN vulnerabilities have multiplied in recent years, leading to exploitation and emergency directives such as CISA's ED-24-01.1 In addition, most VPNs provide broad network access, and efforts to restrict this broad access at a more granular level leads to complex and costly oversight."((2))

To address the unique and complex security challenges posed by the rise in CPS remote access, Claroty's xDome Secure Access solution is purpose-built for the specific needs of the OT domain. It operationalizes the right balance between frictionless access and secure control over third-party interactions with CPS, thereby enhancing productivity, reducing complexities and risk, and ensuring compliance across first- and third-party users. By integrating foundational security principles such as Identity Governance and Administration (IGA), Privileged Access Management (PAM), and Zero Trust Network Access (ZTNA), Claroty xDome Secure Access sets new standards for resilience and operational excellence in the CPS landscape.

Key benefits include:

    --  Increase productivity: Seamless access for both first- and third-party
        users effectively reduces Mean Time to Repair (MTTR) by facilitating
        quicker issue resolution, operating under low bandwidth conditions,
        ensuring high system availability, and upholding critical site
    --  Reduce risk: The solution incorporates a tailored Zero Trust framework,
        PAM capabilities, and IGA functionality to enhance incident management,
        access controls, and system monitoring, ultimately minimizing risks and
        safeguarding critical assets, so organizations can manage and govern the
        entire identity lifecycle, from initiation to retirement, with the
        utmost precision and security.
    --  Reduce complexity: Significantly reduce administrative complexity with a
        scalable, cloud-managed architecture that offers the flexibility to
        operate seamlessly both on-premises and in the cloud. The solution also
        simplifies administrative tasks that require constant operational
        control by integrating seamlessly with Identity and Access Management
        (IAM) tools, enhancing identity management, and enabling centralized
        site management and policy creation.
    --  Maintain compliance: The solution adheres to key compliance standards
        and provides the necessary controls for real-time logging and auditing
        of user identities, which is crucial for maintaining comprehensive audit
        trails and meeting regulatory requirements, protecting your organization
        against potential legal and financial penalties.


             Gartner, Innovation Insight: CPS Secure Remote Access Solutions, Katell Thielemann, Abhyuday Data, Wam Voster, 18 April 2024.

"Frictionless access to industrial CPS assets is essential to maximize business outcomes, yet many OT assets were historically insecure by design. Safe and secure CPS access requires precise access management, identity management, privileged access, and identity governance capabilities - all built for the exacting operational requirements, environmental constraints, and risk tolerances unique to OT environments. Every access to an OT asset is privileged access by definition as they have the potential to impact safety and availability," said Grant Geyer, chief product officer at Claroty. "Claroty xDome Secure Access not only provides frictionless access to maximize productivity, it also does so with built-in security that is invisible to the operator which is crucial for safeguarding critical infrastructure."

To learn more about Claroty xDome Secure Access:

    --  Read the Claroty xDome Secure Access solution overview or the Claroty
    --  Register for the webinar, "Zero Trust Meets Privileged Access for
        Enhanced Operational Resilience," on June 13, 2024 at 11:00 a.m. EDT

About Claroty

Claroty empowers organizations to secure cyber-physical systems across industrial, healthcare, commercial, and public sector environments: the Extended Internet of Things (XIoT). The company's unified platform integrates with customers' existing infrastructure to provide a full range of controls for visibility, exposure management, network protection, threat detection, and secure access. Backed by the world's largest investment firms and industrial automation vendors, Claroty is deployed by hundreds of organizations at thousands of sites globally. The company is headquartered in New York City and has a presence in Europe, Asia-Pacific, and Latin America. To learn more, visit

View original content to download multimedia:

SOURCE Claroty

Email This News Email | Submit To Slashdot Slashdot | Submit To Digg | Submit To | News Feeds Feeds

Nav AP, ShortTok to develop advanced AI-powered video capabilities | Jun 21, 2024
Nav CRISIL wins Model Validation Tools and Accelerators category award, other recognitions from Chartis | Jun 21, 2024
Nav Schneider Electric Publishes New White Paper on Liquid Cooling for AI Data Centres | Jun 21, 2024
Nav Saksoft Strengthens Digital Engineering Portfolio with Acquisition of Augmento Labs | Jun 21, 2024
Nav NIIMBL and Open Applications Group (OAGi) partner to develop open-source biopharmaceutical manufacturing ontologies | Jun 21, 2024
Nav Leading Supply Side Agency Receives Official Designation as the Only Exclusive and Direct Sales House for Premium CTV Inventory | Jun 21, 2024
Nav NTT DATA and DENSO Sign a Basic Agreement on Strategic Partnership for Software | Jun 21, 2024
Nav ZeOmega Launches HealthFeed SMS Texting for Enhanced Member Engagement | Jun 21, 2024

Submit News | View More News View More News