Human beings have always had plenty of abilities in their back pocket, but at the same time, none can claim to be as defining as our ability of improving at a consistent pace. We say this because the stated ability has already fetched the world some huge milestones, with technology appearing as a rather unique member of the group. The reason why technology’s credentials are so anomalous is purposed around its skill-set, which was unprecedented enough to realize all the possibilities for us that we couldn’t have imagined otherwise. Nevertheless, a closer look should be able to reveal how the whole runner was also very much inspired by the way we applied those skills across a real world environment. The latter component was, in fact, what gave the creation a spectrum-wide presence and made it the ultimate centerpiece of every horizon. Now, having such a powerful tool run the show did expand our experience in many different directions, but even after reaching so far ahead, this prodigious concept called technology will somehow keep on delivering the goods. The same has grown to become a lot more evident in recent times, and assuming one new GRC-themed development pans out just like we envision, it will only propel that trend towards greater heights over the near future and beyond.
Claroty, the cyber-physical systems (CPS) protection company, has officially released a set of enhancements for its SaaS platforms’ vulnerability and risk management (VRM) mechanism. Meant to help security teams evaluate and strengthen their organization’s CPS risk posture, these updates bring a granular-yet-flexible risk scoring framework into play, a framework which enable vulnerability prioritization workflows to be up to 11 times more efficient than industry standard. Not just that, it also supports the evolving Software Bills of Materials (SBOM) landscape. Talk about the whole development on a deeper level, the new framework takes into account an expanded range of factors that can increase risk, alongside compensating control improvements that can offset risk, to deliver a more accurate picture regarding the same. It also notably has a pre-configured side to ensure that even the customers who aren’t well-versed in CPS security can easily calculate their risk posture and take prioritized actions to protect their operations. Next up, we get into how the new framework allows you to customize those CPS risk calculations as per your unique needs. Hence, users should be able to align them with their existing GRC processes and risk priorities, and if that is not enough, the feature will also give them greater control over the way different factors are weighted in their CPS risk posture assessments. Another very crucial thing we can expect here is a knowhow on Claroty’s part to automatically assign all CPS vulnerabilities to different priority groups, thus timely filling you in on vulnerabilities that threat actors are most likely to weaponize. This segmentation is based on the latest indicators from the Known Exploited Vulnerabilities (KEV) catalog and Exploit Prediction Scoring System (EPSS), as well as the criticality and risk of affected assets. Moving on, the updates further make it possible for users to be better prepared against an evolving SBOM landscape, and it does so by helping them upload SBOMs, view the ones uploaded by their peers, and support related workflows moving forward.
“CISOs and security teams face an increasingly uphill battle in mitigating the risk from obsolescent and insecure assets, as well as new vulnerability discoveries. Due to the uniqueness of CPS and critical infrastructure environments, patching everything is often impossible or too complex to execute,” said Grant Geyer, chief product officer of Claroty. “These VRM enhancements to the Claroty SaaS portfolio further equip our customers to answer their toughest cybersecurity questions: how to accurately assess risk, and which vulnerabilities to mitigate first based on how likely they are to be exploited in industrial, clinical, or other mission-critical environments.”
The move delivers an interesting follow-up to all those recent changes that have been happening across the industry. For instance, according to certain reports, an estimated 95% critical infrastructure CISOs are now responsible for securing not only IT but also CPS. Stitching further context into it is the fact that 98% of the stated faction must also quantify and account for their organization’s CPS risk posture in the broader risk score shared with executive leadership. To elucidate the picture even more, as per Claroty’s State of XIoT Security Report: 2H 2022, nearly 70% of CPS vulnerabilities disclosed in 2022 received a CVSS v3 severity score of “high” or “critical,” yet less than 8% have been exploited. Such discrepancy has raised big concerns in terms of the conventional solutions’ efficiency.\
The reality is even reflected in The 2023 Gartner® Market Guide for CPS Protection Platforms’ report, which said:
“The number of vulnerabilities continues to grow at the same time as CPS patching remains very difficult. Most solutions: correlate the outputs from asset discovery with common vulnerability and exposures (CVE)/manufacturer recall databases and third-party vulnerability repositories, prioritize for known exploited vulnerabilities, flag unsecure application usage and default passwords, provide remediation guidance including alternative compensating controls, and provide a ticketing mechanism to track actions. More advanced solutions include: a mechanism to prevent IT scanners from touching CPS, provide a contextualized risk score based on asset criticality and likelihood of exploitability, and enhance findings and risk score with real world knowledge of their research teams.”