Claroty reveals flaw in traditional cyber-physical systems defence
Claroty, a specialist in protection for cyber-physical systems (CPS), is launching a data study that exposes a critical flaw in conventional vulnerability management strategies. Its research, led by Team82, reveals 38% of the most risk-prone CPS assets are undetected by traditional methods, leaving a wide-open door for potential exploiters.
This disclosure highlights a necessity for a revised strategy towards CPS exposure management, the company states. In reaction to this issue, Claroty has launched a comprehensive CPS-native Exposure Management Solution aimed to assist organisations in minimising their attack surface and effectively pin-pointing the most urgent threats.
Claroty's findings are derived from analysing data from over 20 million operational technology (OT) tools and connected medical devices (IoMT). The analytic process identified at-risk assets with unsafe internet connections and known exploited vulnerabilities. A startling 38% of the most vulnerable CPS assets are missed by traditional vulnerability management techniques. This study offers a critical alert across multiple sectors, from manufacturing through to healthcare.
The press release states: "38% of the riskiest CPS assets are overlooked by traditional approaches to vulnerability management. To address this blind spot, Claroty introduced a complete built-for-purpose CPS exposure management solution, empowering organisations to minimise their attack surface by prioritising the most immediate threats."
Relevant data from the research shows that 20% of OT and IoMT have CVSSv3.1 scores of 9.0 or above - a traditional approach to vulnerability management. It further provides that 1.6% of OT and IoMT are regarded as "high risk", have an insecure internet connection and contain at least one known exploited vulnerability. More concerning is the 38% of these ultra-high-risk OT and IoMT devices do not have a CVSS score of 9.0 or above, meaning they go unnoticed by traditional vulnerability management methods.
Amir Preminger, vice president of research for Claroty's Team82, explained: "Organisations must take a holistic approach to exposure management. Even if they somehow mastered the impossible task of addressing every single 9.0+ CVSS vulnerability, they'd still miss nearly 40% of the most dangerous threats to their organisation."
In line with Gartner's advisable Continuous Threat Exposure Management (CTEM) framework, Claroty's CPS exposure management solution aims to help customers understand their current CPS risk posture. It assists in efficiently and effectively deploying existing resources to improve overall CPS security maturity.
Grant Geyer, chief product officer at Claroty, added: "Taking a vulnerability-focused view alone doesn't help organisations focus on what matters most. Reducing risk requires an evolution from a traditional vulnerability management program to a more focused and dynamic exposure management program."
This approach, Geyer stresses, is centrally important for manufacturing, healthcare, and other critical infrastructure organisations dealing with unique CPS asset characteristics, operational and environmental constraints, organisational risk tolerances, and the results of their CPS cyber risk program.