**NEW YORK, Sept. 13, 2023** – Claroty, a leading cyber-physical systems (CPS) protection company, has announced significant enhancements to its Software-as-a-Service (SaaS) platforms’ vulnerability and risk management (VRM) capabilities. These enhancements aim to empower security teams in evaluating and strengthening their organization’s risk posture concerning CPS. The updated features include a granular risk scoring framework, improved vulnerability prioritization workflows, and support for the evolving Software Bills of Materials (SBOM) landscape.
### Mounting CPS Risk Assessment Responsibilities for CISOs
In recent years, the responsibilities of CISOs (Chief Information Security Officers) have expanded to include not only securing IT systems but also CPS. According to estimates, 95% of critical infrastructure CISOs are now responsible for assessing CPS risk posture. Moreover, 98% of these CISOs must quantify and account for their organization’s CPS risk posture in the broader risk score shared with executive leadership. Financial and regulatory pressures, coupled with the limitations of existing risk assessment toolkits, have exacerbated the challenges faced by these security professionals.
### Discrepancies in Conventional Wisdom and Managing CPS Vulnerabilities
A noteworthy discrepancy exists between the severity scores assigned to CPS vulnerabilities and the actual exploitation rates. Claroty’s State of XIoT Security Report for the second half of 2022 reveals that nearly 70% of disclosed CPS vulnerabilities received a CVSS v3 severity score of “high” or “critical,” but less than 8% of them were exploited. This discrepancy raises concerns about the accuracy of conventional wisdom and solutions that advocate for prioritizing remediation efforts based solely on CVSS scores. Security teams following this approach may not only feel overwhelmed but may also allocate resources to vulnerabilities that are unlikely to be exploited, while overlooking those that are more likely to be targeted.
### Advancements in CPS Vulnerability and Risk Management
In response to these challenges, Claroty’s xDome and Medigate, the SaaS-based solutions for industrial and healthcare organizations, respectively, have been enhanced to offer a range of improved VRM capabilities. These advancements provide security teams with a more accurate and tailored approach to quantify and manage CPS risk. Key features of the enhanced platforms include:
#### Transparent and Granular Risk Quantification
Claroty’s new risk framework now accounts for an expanded range of factors that can increase risk, as well as compensating control improvements. The framework comes pre-configured, allowing even customers who are new to CPS security to calculate their risk posture immediately. This transparency empowers organizations to take prioritized actions to protect their operations.
#### Tailored Risk Calculations and Prioritization
The new risk framework allows customers to align it with their existing governance, risk, and compliance (GRC) processes and risk priorities. This flexibility enables organizations to have greater control over how different factors are weighted in their CPS risk posture assessments, ensuring that remediation steps are appropriately prioritized.
#### Improved Vulnerability Prioritization
Claroty now automatically assigns all CPS vulnerabilities to priority groups based on the latest indicators from the Known Exploited Vulnerabilities (KEV) catalog and the Exploit Prediction Scoring System (EPSS), as well as the criticality and risk of affected assets. This enhancement enables customers to more effectively prioritize remediation efforts on vulnerabilities that threat actors are most likely to exploit, leading to up to 11 times greater efficiency in vulnerability management workflows.
#### Support for Software Bills of Materials
As regulatory developments highlight the importance of Software Bills of Materials (SBOMs) for software supply chain risk management, Claroty enables customers to upload SBOMs, view those uploaded by their peers, and support related workflows. This feature ensures that organizations are prepared to address CPS risk implications in the evolving SBOM landscape.
### Aligning VRM Capabilities With Cybersecurity Challenges
Grant Geyer, Chief Product Officer of Claroty, emphasizes that CISOs and security teams are facing an uphill battle in mitigating the risk from obsolete and insecure assets, as well as newly discovered vulnerabilities. Due to the unique nature of CPS and critical infrastructure environments, patching every vulnerability is often impossible or too complex. Claroty’s enhanced VRM capabilities aim to equip customers with the tools to accurately assess risk and prioritize vulnerability mitigation in industrial, clinical, and other critical environments.
### Conclusion and Recommendations
Claroty’s advancements in its SaaS platforms offer a promising solution for organizations grappling with the challenges of cyber-physical system risk management. By providing a more accurate and granular risk quantification framework, along with improved vulnerability prioritization, Claroty enables security teams to focus their efforts on the vulnerabilities that pose the greatest threat. The support for SBOMs also ensures that organizations are prepared to address the changing landscape of software supply chain risk management.
However, while technology can provide valuable solutions, it is essential not to rely too heavily on automated risk scoring frameworks. Cybersecurity professionals should continue to exercise their judgment and expertise in conjunction with these tools. The human element is indispensable in understanding the context and potential impact of vulnerabilities.
Furthermore, organizations must remain proactive in their approach to cybersecurity. Regularly updating and patching systems, implementing strong access controls, and ensuring staff receive comprehensive cybersecurity training are paramount. Encouraging collaboration between IT and OT (Operational Technology) teams is also crucial for effectively managing cyber threats to critical infrastructure. By taking a comprehensive and proactive approach, organizations can enhance their cybersecurity posture and better safeguard their CPS from emerging threats.
In conclusion, Claroty’s enhancements to its SaaS platforms provide a positive step towards improving cyber-physical systems risk management. By utilizing these advanced VRM capabilities in combination with proactive cybersecurity measures, organizations can better protect their critical infrastructure and mitigate the evolving cyber threats they face.
*Keywords: Cybersecurity, Cyber-physical risk reduction, Vulnerability management, Risk management, Claroty*