### Uncovering the Blind Spot in Cyber-Physical Systems (CPS) Vulnerability Management

Claroty, a leading cyber-physical systems (CPS) protection company, has recently unveiled new data highlighting a significant oversight in traditional vulnerability management approaches. According to their findings, 38% of the most at-risk CPS assets remain undetected by conventional methods, presenting a critical vulnerability ripe for exploitation by cyber adversaries. In response, Claroty has launched a comprehensive CPS exposure management solution designed to help organizations reduce their attack surface by focusing on the most pressing threats.

Through an extensive analysis conducted by Claroty’s acclaimed research team, Team82, over 20 million operational technology (OT), Internet of Medical Things (IoMT), IoT, and IT assets within CPS environments were examined. The study aimed to identify assets considered “high risk” due to factors such as insecure internet connections and the presence of Known Exploited Vulnerabilities (KEVs). The findings reveal a concerning landscape where traditional vulnerability management metrics, such as CVSSv3.1 scores, fall short in addressing the full scope of risk present in CPS environments.

Key insights from the research include:

– A staggering 20% of OT and IoMT assets possess CVSSv3.1 scores of 9.0 or higher, indicating severe vulnerabilities that are often too numerous and complex for organizations to mitigate effectively, especially given the limited patching opportunities for CPS assets.
– Only 1.6% of OT and IoMT devices are categorized as “high risk” with insecure internet connections and at least one KEV, highlighting tens of thousands of high-risk CPS assets that are accessible remotely by cybercriminals and contain vulnerabilities actively exploited in the wild.
– Alarmingly, 38% of these ultra-high-risk OT and IoMT devices do not have a CVSS score of 9.0 or above, illustrating a significant blind spot in traditional vulnerability management practices that leaves organizations exposed to potential cyberattacks.

Amir Preminger, Vice President of Research for Claroty’s Team82, emphasizes the critical need for organizations to adopt a more comprehensive approach to exposure management. By focusing on the “ticking time bombs” within their environments, organizations can better protect themselves against the most dangerous threats, beyond merely addressing high CVSS score vulnerabilities.

For further details on Team82’s findings and recommendations, interested parties are encouraged to explore “The CPS Blind Spot” report available on Claroty’s website.

—

For editorial inquiries, please contact Editor Kym Bergmann at kym.bergmann@venturamedia.net. For advertising inquiries, reach out to Director of Sales Graham Joss at graham.joss@venturamedia.net.

Claroty, a company specializing in the protection of cyber-physical systems (CPS), has unveiled new data indicating that 38% of the most vulnerable CPS assets are not adequately covered by conventional vulnerability management strategies. This oversight presents a significant security gap that could be exploited by malicious actors. To combat this issue, Claroty has launched a comprehensive solution tailored for CPS exposure management, designed to help organizations reduce their risk by focusing on the most critical threats.

The company’s research team, Team82, conducted an extensive analysis of over 20 million assets across operational technology (OT), Internet of Medical Things (IoMT), IoT, and IT within CPS environments. The study targeted assets classified as “high risk” due to factors like insecure internet connections and the presence of Known Exploited Vulnerabilities (KEVs). “High risk” was determined based on a variety of criteria, including end-of-life status, use of insecure communication protocols, known vulnerabilities, weak or default passwords, the presence of personal or health information, potential consequences of failure, among others.

Key findings from the research include:
– 20% of OT and IoMT assets have CVSSv3.1 scores of 9.0 or higher, indicating severe vulnerabilities. However, the sheer volume of these vulnerabilities makes it impractical for most organizations to address them, especially given the limited patching windows for CPS assets.
– Only 1.6% of OT and IoMT assets are considered “high risk” with insecure internet connections and at least one KEV, representing a significant number of high-risk CPS assets accessible to cybercriminals and containing vulnerabilities that are actively exploited.
– Surprisingly, 38% of these ultra-high-risk OT and IoMT devices do not have a CVSS score of 9.0 or higher, meaning they are often overlooked by traditional vulnerability management approaches despite posing a substantial risk.

Amir Preminger, vice president of research for Claroty’s Team82, emphasized the critical nature of addressing these vulnerabilities, stating that focusing solely on vulnerabilities with high CVSS scores would still leave nearly 40% of the most dangerous threats unaddressed. He advocates for a more comprehensive approach to exposure management that prioritizes the most significant risks.

For more detailed insights, Claroty’s report, “The CPS Blind Spot,” is available for further reading.

For editorial inquiries, please contact Editor Kym Bergmann at kym.bergmann@venturamedia.net. For advertising inquiries, reach out to Director of Sales Graham Joss at graham.joss@venturamedia.net.