Industrial Control System (ICS) networks and the demands placed on them are changing. There’s an increasing pull for connectivity to the IT network, cloud depositories and smart devices, which manufacturers rightly want to adopt to gain undeniable business benefits.
However, this needs to be done in a secure manner. With the rising number of cyber security attacks on OT environments, their increasing sophistication and the actual impact on many firms, the need for better OT Cyber Security is clear.
This is the reason why we have partnered with Claroty, the leader in Operational Technology Cyber Security, founded and expressly built for OT networks.
So why Claroty?
We are proud to be a preferred partner for Claroty in the UK and Ireland. When we set out to identify a suitable cyber security solution for our clients, we assessed a lot of options in the marketplace but Claroty simply had the best offer.
Starting in 2014, with an array of top level investors, they have built the leading company in OT Cyber Security today.
Here we take a quick look at what they offer:
Deep and ongoing visibility into Industrial Network endpoints, status and connections
The lack of Visibility into ICS networks is an issue when it comes to protecting and securing them - you can't protect what you can't see.
The discovery and ongoing visibility of end-points, their status and connections, is vital and it is this visibility that Claroty gives you.
Delivering Continuous Threat Detection
Claroty delivers Continuous Threat Detection (CTD), providing visibility and real-time threat and vulnerability monitoring. When we were looking across the relevant cyber solutions, we were extremely impressed by the visibility and insight Claroty provides.
Claroty enables you to know and understand all the conversations going on across your network – what assets are talking to each other and what they’re talking about. And because they are OT specific they understand the context of what each asset is doing e.g. it understands a HMI talking to a PLC and what the various risks are for each potential action.
In addition to extreme visibility, Claroty leverages behavioural analysis techniques to provide on-going real-time threat detection.
It’s first step is to discover and build a model of the entire network, mapping all communication paths. When Claroty is introduced, most organisation think they know the majority of their assets – however typically Claroty CTD is able to find between 5% and 25% of assets that were unknown to network operator.
Real-time threat detection can then use behavioural analysis to monitor base-line deviations, and because it has a detailed model it can spot anomalies and high-risk changes better than anyone, and earlier in the kill chain.
Security Posture Assessments: Fix hidden issues that attackers could exploit
An additional component of Claroty is the Security Posture Assessment – this is an offline product which provides insight into the security risk posture of your OT networks.
It completes a comprehensive analysis of a snapshot of your network traffic over a short period of time, detailing the assets and network communication patterns and providing insights into any weakness in your OT network.
The 1st step for any security framework – know your assets.
This can be a good complement to our industrial network audit service – gaining the benefit of the human element from one of our trained security engineers but with the added value of the database and knowledge within the Claroty platform.
Secure Remote Access: Safeguard networks from the threat of unmonitored remote access
Many organisations have the challenge of having numerous employees and contractors that need access to the network from remote locations. And they have no way to control who has access to what.
With Claroty you can proactively manage remote access, and even get a complete session recording in video, to see everything that occurred during the session, which can be kept for reference or regulatory needs.
This introduces control over who can access which parts of your network and removes an important attack vector.
Enterprise Management Console
With Claroty you can also get an enterprise wide view of your networks, bringing multiple sites or plant locations into one single operations view. You get one consolidated view of your assets and what’s going on.
It’s been designed to operate in real world enterprises that have large complex networks and multiple plants or sites – making it easy for you, saving you time and making it more efficient.