Lead Machine Pink 160x1200

Lead Machine Pink 160x1200

iTWire TV 705x108notfunny
Thursday, 12 September 2024 08:28

Fifty-five percent of OT environments contain four or more remote access tools, greatly expanding attack surface and operational complexity

By Claroty
Fifty-five percent of OT environments contain four or more remote access tools, greatly expanding attack surface and operational complexity

COMPANY NEWS: Claroty, the cyber-physical systems (CPS) protection company, today released new research from Team82 on remote access tool sprawl and the risk exposures it introduces to operational technology (OT) environments. Data from more than 50,000 remote-access-enabled devices showed that the volume of remote access tools deployed is excessive, with 55% of organisations having four or more and 33% having six or more.

Team82’s research also found that a staggering 79% of organisations have more than two non-enterprise-grade tools installed on OT network devices. These tools lack basic privileged access management capabilities such as session recording, auditing, role-based access controls, and even basic security features such as multi-factor authentication (MFA). The consequence of utilising these types of tools is increased, high-risk exposures and additional operational costs from managing a multitude of solutions.

“Since the onset of the pandemic, organisations have been increasingly turning to remote access solutions to more efficiently manage their employees and third-party vendors, but while remote access is a necessity of this new reality, it has simultaneously created a security and operational dilemma,” said Claroty vice president products secure access Tal Laufer. “While it makes sense for an organisation to have remote access tools for IT services and for OT remote access, it does not justify the tool sprawl inside the sensitive OT network that we have identified in our study, which leads to increased risk and operational complexity.” 

Learn more about Team82’s findings in the report, The Problem with Remote Access Sprawl.

While many of the remote access solutions found in OT networks may be used for IT-specific purposes, their existence within industrial environments can potentially create critical exposure and compounding security concerns that include:

  • Lack of visibility: In cases where third-party vendors connect to the OT environment using their own remote access solutions, OT network administrators and security personnel who are not centrally managing these solutions have little to no visibility into the associated activity
  • Increased attack surface: More external connections into the network via remote access tools mean more potential attack vectors through which substandard security practices or leaked credentials can be used to penetrate the network.
  • Complex identity management: Multiple remote access solutions require a more concentrated effort to create consistent administration and governance policies surrounding who has access to the network, to what, and for how long. This increased complexity can create blind spots in access rights management.

According to Gartner, security and risk management (SRM) leaders should, “perform a full inventory of all remote connections across the entire organisation, as shadow remote access likely exists throughout operational networks, particularly at field sites,” and “remove older remote access solutions when deploying newer CPS secure remote access solutions. Organisations commonly deploy new solutions without focusing on what is left behind, and with the number of exploited VPN vulnerabilities growing, this could be a significant blind spot.”1

Claroty’s xDome Secure Access provides organisations with built-for-OT remote operations capabilities and OT-aware security architecture, delivering comprehensive visibility into both OT devices and the users connecting to them. The solution can now be deployed either on-premise or in the cloud, enabling organisations to optimise remote access management and reduce their total cost of ownership. Recognising that no two CPS environments are identical, xDome Secure Access provides flexible, operations-specific remote access regardless of an organisation’s geographic spread, network architecture, or cloud maturity, all while enabling regulatory compliance with frameworks such as NIST and NIS2.

To learn more about xDome Secure Access, request a demo.

About Claroty
Claroty has redefined cyber-physical systems (CPS) protection with an unrivaled industry-centric platform built to secure mission-critical infrastructure. The Claroty Platform provides the deepest asset visibility and the broadest, built-for-CPS solution set in the market comprising exposure management, network protection, secure access, and threat detection – whether in the cloud with Claroty xDome or on-premise with Claroty Continuous Threat Detection (CTD). Backed by award-winning threat research and a breadth of technology alliances, The Claroty Platform enables organisations to effectively reduce CPS risk, with the fastest time-to-value and lower total cost of ownership. Claroty is deployed by hundreds of organisations at thousands of sites globally. The company is headquartered in New York City and has a presence in Europe, Asia-Pacific, and Latin America. To learn more, visit claroty.com.

Read 141 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




IDC WHITE PAPER: The Business Value of Aiven Data Cloud Solutions

According to IDC, Aiven enables your teams to perform more efficiently, reduce direct infrastructure costs, and provide improved database performance, agility and scalability.

Find out how Aiven makes teams 48% more efficient, allowing staff to focus on high-value activities that drive real business results:

340% 3-year ROI – break even in 5 months (average)

37% lower 3-year cost of operations

78% reduction in staff time for database deployments

Download the IDC White Paper now

DOWNLOAD WHITE PAPER!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Published in Company news
Tagged under

Related items

More in this category: « Trustwave's 2024 financial services threat reports highlight alarming trends in insider threats and phishing-as-a-service Genetec Expands Security Centre SaaS With The Launch of Operations Center, The Industry’s First Work Management Solution For Physical Security Operations »
Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top

Subscribe to Newsletter

*  Enter the security code shown:

WEBINARS & EVENTS

CYBERSECURITY

PEOPLE MOVES

GUEST ARTICLES

Guest Opinion

ITWIRETV & INTERVIEWS

RESEARCH & CASE STUDIES

Channel News

Comments