Claroty announced new capabilities in its SaaS-based Claroty xDome platform that provide organizations with an impact-centric view of their CPS environment.
The new additions, Device Purpose and Risk Benchmarking, allow users to see how the overall risk of an environment is affected by the processes involved in a device’s use – as production lines, building floors, hospital wings, and more – and prioritize risk reduction efforts based on potential impact to business outcomes, while bridging the gap between CPS personnel and other business units.
According to Gartner, “Organizations are becoming aware of their blind spots. Asset-intensive organizations increasingly realize that CPS environments are value creation centers. A manufacturing company makes money by producing goods, for instance. Once largely ‘out of sight, out of mind,’ boards and C-suite executives increasingly want to know how their CPS production and mission-critical environments are protected.”1
To date, the CPS protection industry has taken an asset-centric approach by providing in-depth visibility into specific assets and their associated risks. While establishing a comprehensive asset inventory is a necessary first step for any cybersecurity program, taking a solely asset-centric approach to reducing CPS risk may lead security teams to focus on assets that would have little to no impact on the business if compromised.
Organizations must be able to prioritize their limited remediation resources based on the business purpose each asset serves, whether it delivers essential services to the general population or powers the organization’s largest revenue stream.
In instances such as a security analyst and OT engineer looking at two identical devices with the same exposures, knowing what each device does for the business is critical for determining which to address first.
Claroty xDome’s new Device Purpose and Risk Benchmarking capabilities make this paradigm shift from asset-centric to impact-centric risk reduction possible, by equipping teams responsible for maintaining mission-critical processes and devices with the business context they need to effectively prevent process disruption, downtime, and financial loss.
Focusing on business context and outcomes provides a shared language for security teams and CPS operators while connecting their work with larger Business Impact Analysis efforts for the organization.
“The security of critical infrastructures are under growing scrutiny as adversaries increasingly target these systems of the greatest criticality,” said Yoram Gronich, CPO at Claroty. “The teams managing these environments are facing mounting pressure from multiple fronts in their organizations and need tools that exponentially make their jobs easier so they can focus on protecting the mission-critical infrastructures that sustain societal operations—that means having the business context to meaningfully reduce risk.”
Key benefits of Claroty xDome’s new Device Purpose and Risk Benchmarking include:
- Device Purpose: Align assets with their business context
- View assets categorized in a hierarchy and taxonomy according to the user’s vertical
- Refine hierarchy and taxonomy from a verticalized baseline, including business impact scores
- Measure the impact to device risk and overall risk scores based business impact customizations
- Risk Benchmarking: Compare organizational risk versus industry peers
- Analyze how the organization’s risk landscape stacks up against similarly-sized organizations
- Visualize how the most critical assets are secured
- Measure risk reduction efforts over time across multiple risk factors across networks
