Papers by “Claroty, Optiv & Amazon Web Services (AWS)”

Optimizing OT Remote Access for Third-Party Vendors with Claroty Secure Access (SA)

– Whitepaper

Third-party engineers, such as Original Equipment Manufacturer (OEM) technicians and maintenance contractors, play a vital role in maintaining the availability, integrity, and safety of operational technology (OT) environments. As their work is often remote, they typically access client OT environments through various widely used connectivity solutions, such as VPNs or OEM-specific tools. However, these solutions were traditionally designed for IT environments, not OT, which is a significant problem. OT and IT environments, while they may share similarities, have unique compositions, serve different purposes, and come with their own security and operational needs. They also present distinct challenges and risks, differences that are even more significant when dealing with third-party OT remote access. Therefore, an OT-specific approach is needed to properly address the requirements and risks associated with third-party OT remote access. This white paper dives into the security and operational challenges posed by using standard IT-oriented solutions for third-party OT remote access. It also outlines the prerequisites for an optimal solution, and how Claroty's xDome Secure Access (SA) meets these requirements.

January 2025

An Open Door:

– Secure access to vital OT systems reduces the number of initial attack vectors available to threat actors.

Team82's research consistently uncovers the susceptibility of engineering workstations (EWS) and other crucial entry points in operational technology (OT) environments. These hotspots can be exploited to access control systems like human-machine interfaces (HMIs) or process control devices like programmable logic controllers (PLCs). Implementing stringent controls over remote and third-party access, especially onto EWS or HMIs, drastically narrows the attack space for sophisticated threat actors seeking to tamper with or halt industrial processes, jeopardize public safety, or interrupt essential services. This analysis of a section of EWS and HMIs, out of over 125,000 OT assets, focused on the security of their internet connection and their susceptibility to vulnerabilities. Our findings indicate that more than a third of EWS and HMIs that are improperly secured and connected to the internet have at least one publicly exploited vulnerability. This illuminates the real risk to industrial settings increasingly targeted by remote attackers. Rising adoption of remote access technology has inadvertently opened new risk channels. While it offers substantial gains in productivity and cost efficiency by facilitating remote access to cyber-physical systems, it necessitates the interconnection of formerly isolated OT assets to public networks. This heightens the threat of operational disruption, reputational harm, and regulatory non-compliance.

January 2025

How Claroty Secure Access (SA) Maps to CISA’s Cross-Sector Cybersecurity Performance Goals

– Whitepaper

Critical infrastructure has become an attractive target for cybercriminals due to the potential widespread disruption if compromised. The risk has grown with the escalating adoption of digital transformations and cyber-physical connectivity, resulting in larger and more vulnerable attack surfaces. To manage these risks, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST) introduced Cross-Sector Cybersecurity Performance Goals (CPGs). These guidelines help organizations establish vital cybersecurity practices, with specific controls homing in on operational technology (OT) remote access. Claroty's xDome Secure Access (SA) supports organizations in achieving the CPGs. As a critical element of operational continuity and a common cybersecurity gap, OT remote access requires this level of attention. xDome SA provides secure, reliable, and smooth access to OT environments for remote users, thereby reducing cyber and operational risks while enhancing visibility, control, and threat detection and response. xDome SA strongly aligns with CPGs, making it a viable choice for infrastructure organizations aiming to close cybersecurity gaps without obstructing operational workflows. This document explores how xDome SA and Continuous Threat Detection (CTD) solutions within Claroty’s industrial cybersecurity portfolio can assist organizations in implementing CISA and NIST's recommendations effectively and efficiently.

January 2025