Claroty: Why OT Security is Critical to Supply Chains

With more than 138,000 customers affected by global supply chain cyber attacks in 2023, according to Statista, it's become critical for security teams to emphasise the need for operational technology (OT) security.

Supply Chain Digital sat down with Andrew Lintell, General Manager for the EMEA region at Claroty, to discuss the growing risk of supply chain attacks and how security teams can effectively communicate its urgency to organisational leaders. 

Tell us a bit about yourself and your role

I currently serve as the General Manager of the EMEA market for Claroty. My focus is on furthering the company’s presence in the region amid increasing demand for proactive security in cyber-physical systems (CPS). 

Since joining Claroty last year, I’ve been helping the business formalise key partnerships in the region, effectively identifying the security needs of critical organisations and building collaboration with other security leaders in the market. 

I’ve been involved in the industry for more than 20 years. During my time serving as Vice President of Sales and Channel for industry leaders like Microsoft, Kaspersky, McAfee and Tufin, I've witnessed the threat and security landscape rapidly change first-hand.

For anyone unfamiliar with the business, how would you describe Claroty? 

Claroty provides industry-leading security solutions that enable proactive threat detection, vulnerability management and secure remote access, with a specific focus on OT, the Extended Internet of Things (XIoT), SCADA systems, healthcare management systems and building management systems (BMS).

We offer a comprehensive platform that integrates seamlessly with existing customer infrastructures to enhance visibility and manage risks across the entire supply chain. Our SaaS-powered platform extends cybersecurity to all XIoT assets within the supply chain. This means complete visibility of any vulnerability, risk and IT blind spots across the extended network. 

How crucial has security within supply chains become?

Effective cybersecurity has become critical to supply chains since it became closely tied to the integrity of the infrastructures that modern societies rely on.

The globalisation of supply chains means that a security breach in one part of the world can ripple through to affect numerous entities connected within the network, compounding the potential for damage. The SolarWinds breach in 2021 affected more than 100 companies globally, while the Colonial Pipeline attack caused fuel shortages across several communities in the US.

Also, let’s consider the journey a product takes, from design, to manufacturing, to distribution. The number of hands it passes through is staggering. Each of these stages introduces potential vulnerabilities that can be exploited by cybercriminals, not just physically but also digitally.

For instance, the upstream supply chain deals with raw materials and components often sourced globally. This widespread sourcing network is far more penetrable than centralised production systems, making it an attractive target for cybercriminals. This is due to the diverse range of suppliers, geographical dispersion and siloed IT systems in such networks, which complicate security oversight and control.

On the other hand, downstream supply chain areas like installation, maintenance and updates are significantly vulnerable due to their complex networks driven by the convergence of OT and IT. These vulnerabilities can lead to severe consequences, such as theft of sensitive data or even disruption of physical operations.

What risks are posed by the convergence of OT and IT networks within supply chains?

Integrating IT systems with traditionally isolated OT environments expands the number of potential entry points for cyber attacks, exposing critical infrastructure to a broader spectrum of threats.

Vulnerabilities in IT systems, such as remote access solutions and cloud applications, can be exploited to access OT networks, potentially leading to physical disruptions in production and operations. This cross-system exposure means weaknesses in one domain can compromise the security of the entire supply chain.

Also, the contrasting nature of IT and OT systems complicates the monitoring and management of security. Traditional IT security tools can often lack the capability to effectively monitor the proprietary protocols used in OT, leading to gaps in threat detection and response. The risk of data manipulation also increases. Attackers could potentially alter operational data resulting in incorrect commands that may cause equipment malfunctions or unsafe conditions.

To what extent should businesses prioritise visibility into operations and the businesses they interact with? 

It's crucial to achieve granular visibility across all assets in the OT network, as disruptive threats like ransomware are becoming increasingly persistent. This includes detailed insights into device specifications, firmware versions and network configurations, which are critical for accurately and efficiently identifying vulnerabilities.

Businesses must prioritise monitoring across all communications and changes within their OT networks to quickly detect misconfigurations or unauthorised activities that could indicate security threats or operational issues.

Achieving effective visibility in operational processes and changes in OT environments helps detect deviations from normal operations that could signal early stages of cyber attacks or system failures.

How can security teams educate boards on the significance of OT security?

It all starts with effective risk communication. Security teams should present clear examples of recent OT security breaches, detailing the operational and financial impacts. This helps board members understand the tangible consequences of neglecting OT security.

They should also align OT security initiatives with business objectives. For instance, demonstrate how enhancing OT security can prevent production downtime, safeguard company reputation and ensure regulatory compliance – all of which contribute to the bottom line.

Most importantly, security teams must demonstrate the ROI of OT security. Provide specific examples of ROI which have come from investing in OT security solutions, such as cost savings from avoiding potential breaches and fines from non-compliance with industry standards.

It can be beneficial to schedule regular briefings with the board to keep them updated on the evolving threat landscape and the progress of OT security measures. This keeps security a continual point of discussion rather than a one-time report. By employing these strategies, security teams can ensure board members appreciate the critical nature of OT security and support necessary investments.

******

Check out the latest edition of Supply Chain Magazine and sign up to our global conference series – Procurement and SupplyChain LIVE 2024. 

******

Supply Chain Digital is a BizClik brand.