Claroty: protecting society with cyber-physical security
In the business of building technology to protect critical infrastructure environments, Claroty’s core mission is to secure the cyber-physical systems used to run hospitals, power grids, oil pipelines, water utilities, and many other essential services that we depend on every day.
“We have unique skills and a unique technology platform that is specially designed to detect, manage, and protect all connected devices within the four walls of an operational site, whether it’s industrial, medical, or commercial,” says Simon Chassar, chief revenue officer, Claroty.
“Claroty has evolved significantly since I joined. When I started, the company was on a growth trajectory. There was an increase in the number of attacks in the critical infrastructure environments and increasing regulation. From the years following 2013, there has been a 3900% increase in ransomware attacks in these environments.
“Since joining, we have established a structured organisation, increased our headcount and client base, and grown our revenue year on year by 100%. All of that growth has helped us to stay ahead of threats and to better serve our customers, protecting them from malactors taking advantage of the weaknesses within the critical infrastructure.”
On the cusp of a revolution: Industry 5.0
From the mechanisation of production through to automation and connectivity, the industrial sectors are on the cusp of a new evolution: Industry 5.0.
“While Industry 4.0 saw connectivity of the end-to-end processes, Industry 5.0 harnesses all these other smart devices out there to effectively drive the optimisation of factories and production; humans and intelligent devices through connectivity,” says Chassar.
He adds, “Increasingly, we are seeing those in the industry look at how they can optimise further by reducing waste, accelerating production, reducing energy, and improving health and safety through greater connectivity – not only in production, but across different functions and supply chains, as well as automating functions where possible.
“We are on that cusp now, where more organisations are heading in this direction regarding their future strategies. But, with greater connectivity of machines comes greater exposure to new kinds of cyber threats, which the machines are often not equipped to withstand. Ensuring that connectivity goes hand-in-hand with security is imperative for ensuring the safety and resiliency of the world’s critical infrastructure.”
The maturity landscape of those in the industrial sectors
Although most organisations (60%) only now going through the awareness phase and beginning to understand that they have these connected assets in their industrial environments, many continue to struggle to determine how they communicate or where they are located.
“Because of this, many organisations were not prepared for the last few years and remain unprepared for the years to come,” explains Chassar.
“Currently, only 30% of organisations actually understand their assets, know how they communicate, and where they are located – and even fewer, 10%, have full vulnerability awareness of every single asset within their production and operational environments, understanding how they communicate and how they can mitigate threats,” he adds.
While awareness is on the rise, the industry needs to be quicker if it is to successfully tackle malactors as they enhance their sophistication and maturity level.
“In most cases, malactors or cyber criminals are effectively mimicking what would be a normal OT operator: they get inside the environment, start to learn and understand it – and, in most cases, more so than the companies themselves. So the discussion now at a boardroom level is how the industry can mitigate these risks because it is now a question of business continuity,” says Chassar.
“Compliance and governance are also driving this need for organisations to take action and develop a standard framework,” he added.
Innovations in cybersecurity
When it comes to innovation, Chassar is seeing clear investments being made in Claroty’s deep domain expertise area within industrial environments. “Organisations are innovating in network policy segmentation, user identity permissions, network policy management to mitigate risks,” says Chassar.
“I’ve also started to see more innovation in secure access, making sure that organisations have specific tools to access the physical systems environment for every user and that can only be accessed by that user. This reduces the possibility of back door risks to the industrial environment.”
Being prepared for a cyber attack
“If an organisation doesn’t have a policy or project underway, then they should start one immediately,” says Chassar.
He explains that it is imperative to understand where the assets are, how they communicate, and where they are most vulnerable. Once they start this process, the organisation needs to get to at least the same level of understanding as the criminals in order to manage this risk.
“The next step on from this is to look at who has access to the environment and control that access. Knowing who’s connected, when, where, and to what system is critical. Then organisations should look at how to respond to and recover from potential attacks, and, finally, look at how they can detect attacks,” explains Chassar.
Chassar also emphasises the importance of deploying the best technology. “With one hour of downtime having the potential to cost a manufacturer £5mn, deploying the best technology that you can helps you gain a full understanding of the risks and vulnerabilities within your environment. It can also help to identify early signs of anomalous behaviour, so that you can find out if a process is not operating as it should be before any damage is done,” says Chassar.
What does the future hold?
Over the next 12 to 18 months, Chassar expects to see an increase in the volume of regulations centred around critical infrastructure environments. “There are already many regulations underway in the United States, Australia, and Germany, and I believe that this will, in turn, drive the next wave of reporting compliance,” says Chassar.
“I expect to see more innovation when it comes to the Extended IoT (XIOT) which will drive IT security and control vendors to partner with domain specialists – like Claroty – to deliver a much more holistic cybersecurity strategy.
“Collaboration and shared knowledge will be a key trend in the future to enrich each other's understanding of a very complex environment.
“I also see society placing more demand on factories to be faster and more efficient in the way they produce goods, as well as being more eco-aware by using less energy and reducing waste. With this, though, an increasing number of physical systems will become connected that will need protecting. Finally, I see a greater use of cloud technology as we see Industry 5.0 accelerate and organisations look to how they can be more interconnected with end-to-end efficiency, as well as be more energy efficient.”