Cyber-physical assets join IT as a combined attack surface
CrowdStrike Holdings Inc., the cloud-delivered, machine-learning security firm, is about to expand its discovery and reporting of security data about IT assets. The capability will now be augmented through a collaboration with cyber-physical security provider Claroty Ltd.
Operational technology, extended internet of things, building management systems and other cyber-physical assets are increasingly becoming part of an organization’s attack surface and thus must be included in overall strategy, according to Stephan Goldberg, vice president of strategic alliances at Claroty.
“With emerging technologies, everything is being converged,” he said.
Goldberg spoke with theCUBE industry analyst Dave Vellante at last September’s theCUBE @ Fal.Con event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed how the IT security space is expanding into these physical assets. (* Disclosure below.)
Air-gapping no longer an option
“Traditionally, most manufacturers and environments that were heavy on operations … they had the networks air-gapped, completely separated,” Goldberg said.
That is no longer the case because business requirements demand that everything be networked: IoT, OT and classic IT.
“Today we’re seeing the IT vendors on the OT side, and the OT vendors, they’re worried about the IT side,” Goldberg added. This comes as the traditionally IT-managed space merges with OT.
Air-gapping, the traditional method by which cyber-physical assets, such as a controller or a turbine, have been secured, isn’t a valid option anymore.
“You don’t get updates, and you don’t really know what’s going on in your network,” Goldberg said. By adding security, “you have much higher probability detecting fast and responding fast. If you don’t have it, you are just blind,” he added.
The first step in this approach, which CrowdStrike is branding Falcon Discover for IoT, is to discover everything in depth. “To the level you need to know application versions of these devices — just knowing that’s an HMI [interface] or that’s a PLC [controller] by Siemens is insufficient,” Goldberg stated.
Risk assessment follows with a vulnerability score. That’s followed by actions, he added.
Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of theCUBE @ Fal.Con 2022:
(* Disclosure: CrowdStrike Holdings Inc. and Claroty Ltd. sponsored this segment of theCUBE. Neither CrowdStrike/Claroty nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)