IT Brief Australia - Technology news for CIOs & IT decision-makers
Australia
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things
Search
Story image
#
SaaS
#
Advanced Persistent Threat Protection
#
Physical Security

Claroty adds impact-centric tools for stronger CPS security

Yesterday
Author image
By Melania Watson, Interview Editor

Claroty has launched new features in its xDome platform designed to help organisations manage and prioritise cyber-physical systems security risks based on their potential impacts on business operations.

The company announced the introduction of "impact-centric" capabilities in its SaaS-based xDome platform, aiming to shift the focus from an asset-centric approach to one that assesses risk through the lens of business outcomes. The newly added features, Device Purpose and Risk Benchmarking, are intended to provide greater context on how devices and processes affect overall risk within an operational environment.

The Device Purpose feature allows users to understand the function of each device within its operational context. For example, a device such as a remote patient monitoring system in a hospital can be identified not just by its technical attributes but also by the critical service it delivers. This contextual knowledge enables security teams to assess the business criticality of assets beyond their technical specifications.

The Risk Benchmarking tool enables organisations to evaluate their own risk profiles against those of industry peers or internal baselines. This comparative view assists in identifying gaps in current security postures and in tracking improvements over time across multiple risk factors impacting networked assets and systems.

Claroty's shift to an impact-centric model aligns the responsibilities of cybersecurity teams with broader business objectives, aiming to foster closer collaboration and a shared understanding of risk across different operational and business units. This approach is designed to help organisations prioritise their remediation efforts according to the potential impact of device compromise on business outcomes such as operational continuity and financial loss.

Industry analysis supports the rationale behind this new approach. According to Gartner, "Organisations are becoming aware of their blind spots. Asset-intensive organisations increasingly realise that CPS environments are value creation centres. A manufacturing company makes money by producing goods, for instance. Once largely 'out of sight, out of mind,' boards and C-suite executives increasingly want to know how their CPS production and mission-critical environments are protected."

The conventional asset-centric method to CPS risk management has historically focused on cataloguing assets and identifying associated risks.

While useful for establishing a security foundation, this approach can result in remediation resources being allocated to assets that have little real impact on business operations if compromised. Claroty argues that understanding each asset's function and business impact is essential for efficient and effective risk reduction, particularly when resources are limited.

Device Purpose and Risk Benchmarking are intended to facilitate this transition. By providing business context, the tools are designed to help security and OT engineering teams evaluate and act on critical risks with an understanding of how their efforts align with organisational business impact analyses and long-term goals.

Yoram Gronich, Chief Product Officer at Claroty, commented, "The security of critical infrastructures are under growing scrutiny as adversaries increasingly target these systems of the greatest criticality. The teams managing these environments are facing mounting pressure from multiple fronts in their organisations and need tools that exponentially make their jobs easier so they can focus on protecting the mission-critical infrastructures that sustain societal operations - that means having the business context to meaningfully reduce risk."

Device Purpose allows assets to be arranged in a hierarchy and taxonomy tailored to the user's specific industry vertical, such as healthcare, manufacturing or building management. The system can be refined for a particular environment, with business impact scores assigned to key assets. This makes it possible to calculate how business impact assessments affect both device-specific and overall risk scores.

The Risk Benchmarking functionality enables organisations to visualise and compare their CPS security risk in relation to that of similar organisations, providing insights into how critical assets are protected and helping teams to monitor risk reduction efforts over time. Results can be used to assess risk exposure and direct resources more effectively to areas with higher potential business impact.

The new features provide a shared language for security professionals and operational staff, supporting cross-departmental communication and decision-making around cybersecurity measures and priorities. This is intended to ensure that risk reduction efforts are closely aligned with business imperatives.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Healthcare faces surge in cyberattacks & AI-driven threats
Cobalt unveils platform updates to streamline pentesting workflows
From Uncertainty to Opportunity: Five ways CFOs can drive growth and profitability
Too many cloud security tools harming incident response times - survey
HubSpot launches direct connector for ChatGPT CRM insights
Top stories
Global survey finds gaps leave cloud security dangerously exposed
Cloudera joins AI-RAN Alliance to boost AI in telecoms sector
Australian leaders see AI as risk & opportunity, identity gaps grow
How managed XDR boosts cyber security visibility for SMEs
Hands-on Review: Acer TravelMate P6 14 AI laptop