‘Cyber resilience’ matters for manufacturers, says Claroty

Manufacturers are advised to boost their “cyber resilience” besides cyber defense, while semiconductor makers are bracing for potential nation-state-operated cyberattacks and insider attacks, said Eddie Stefanescu, general manager of Claroty’s Asia Pacific and Japan business. The Israel-born company is to open a new office in South Korea in July.

Claroty, a supplier of cybersecurity solutions for cyber-physical systems (CPS) across industrial, healthcare, and commercial environments (the Extended Internet of Things, or XIoT), was co-founded in 2014 by Amir Zilberstein, who used to manage a team of researchers and developers in an elite cyber unit of the Israeli Defense Force, as well as chief business development officer Galina Antova and chief technology officer Benny Porat.

In 2017, Claroty relocated its global headquarters from Tel Aviv, Israel, to New York City in the US, and in 2021 it opened a regional headquarters in Singapore.

During an interview with DIGITIMES Asia, Stefanescu outlined the main cyber threats to operational technology (OT) systems, which manage, monitor, and control industrial operations within power grids, oil pipelines, water utilities, and many other kinds of critical infrastructure, and how Claroty’s solutions help bolster their cyber defense.

Connectivity entails risks

Over the past decade, highly interconnected CPS have become pervasive in industrial environments due to the clear benefits they can deliver, including driving innovation, resilience, and sustainability, to name a few, but the connectivity underlying CPS can also heighten exposure to risks, Stefanescu said.

Many of the physical assets that underpin CPS in critical sectors are brownfield OT devices designed years ago without security in mind because they were never intended to be connected to corporate IT networks or to the Internet, he said.

Since the COVID-19 pandemic broke out, Claroty has observed huge demand for securing remote workers, and the company’s No. 1 aim is to ensure customers stay secure and their production is not disrupted by attacks, he said.

From ransomware to insider attacks

A report released by Claroty in February 2022 found that 80% of critical infrastructure organizations experienced a ransomware attack over the past year, with an equal number reporting that their security budgets have risen since 2020.

The report was based on an independent global survey of 1,100 IT and OT professionals who work in critical infrastructure sectors, the company said.

Of the 80% of respondents who experienced a ransomware attack, 47% reported an impact on their industrial control system (ICS) environment, and over 60% paid the ransom, more than half of which cost US$500,000 or more. Even among those who did pay the ransom, 28% still experienced a substantial impact to operations for more than a week, the report found.

Meanwhile, semiconductors are regarded as extremely strategic assets at the moment due to the interconnected supply chain and the shortage of chips that the world is experiencing. “We’ve got customers in this space, not just globally, but here in APJ,” Stefanescu said.

The company’s customers in the semiconductor industry are focusing on “securing against potential nation-state-operated cyber attacks,” he said.

“They’re also looking at potential insider attacks that could lead to stealing or leaking any of their intellectual property,” he said, adding that for semiconductor makers, the need to shut down operations would be disastrous.

Understand your enemies

While international cybersecurity standards such as ISA/IEC 62443 and those by the US National Institute of Standards and Technology help bridge the compliance gap, Claroty also refers to the MITRE ATT&CK framework, which relies on tactics and techniques representative of adversary behavior, Stefanescu said.

The US-based nonprofit organization MITRE created the ATT&CK framework in 2013. It is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations and used as a foundation for the development of specific threat models and methodologies, according to MITRE’s description.

Besides strengthening cyber defense, manufacturers are advised to also work on “cyber resilience,” which is about what they can do if they get breached despite their best efforts at defense, Stefanescu said.

Claroty’s approach

Claroty presents a three-phased approach for organizations to advance their OT cybersecurity maturity. Step one is to gain full visibility into their environments to understand the risks within them, Stefanescu said.

Step two revolves around controlling access, such as how to provide internal personnel and third-party vendors with remote access to OT assets; how to manage risks posed by their access; and how to develop a zero trust architecture, he said.

Step three is to detect and respond to threats, such as identifying what threats customers are most concerned about; how users should manage alerts; and ensuring Claroty’s solutions integrate seamlessly with their existing security operations center (SOC) tech stack, he said.

The company offers a full range of security tools for any maturity level, whether an organization is just beginning its OT cybersecurity journey or is highly advanced. These include continuous threat detection, network access control, network anomaly detection, segmentation, virtual patching, endpoint detection and response, and application whitelisting, among others.

Global deployments

In December 2021, Claroty raised US$400 million in Series E funding co-led by Japan’s SoftBank Group, bringing the company’s total funding to US$635 million. Rockwell Automation and Siemens are also among Claroty’s partners.

In addition to its New York headquarters, Claroty has offices in Israel, Germany, the UK, India, Australia, and Singapore, with nearly 500 employees globally.

The company will inaugurate a new office in South Korea on July 7 and is mulling another establishment in Japan, Stefanescu said.

Asked if the company is placing increasing emphasis on Asia, he said “absolutely.”

Northeast Asia is obviously one of the fastest-growing markets from a CPS security perspective, and the company opened the new offices not just for sales, but also for providing post-sales support, he said.

The company’s business in the Greater China region is looked after by personnel stationed in Taiwan and Hong Kong, though an office has not been established there yet; Singapore looks after Southeast Asia, India, Korea, and Australia, he said.

Editor’s note:

DIGITIMES Asia is publishing a series of interview articles with Israeli startups focusing on cybersecurity. By partnering with Taiwan Trade & Innovation Center, Tel Aviv, DIGITIMES Asia introduces unique cybersecurity solutions for various industries, including automobile and industrial automation.
