Claroty, the cyber-physical systems (CPS) protection company, has officially announced a fresh flurry of investments in the U.S. Public Sector to enhance protection of OT, IoT, IoMT, and Facility-related control systems (FRCS)/Building Management Systems (BMS).
According to certain reports, Claroty will offer, moving forward, an enhanced brand of exposure management, Federal Information Security Modernization Act (FISMA) support with Security Technical Implementation Guide (STIG), hardened configuration management controls for its Continuous Threat Detection (CTD) platform.
All in all, these new capabilities should tread up a long distance to facilitate greater efficiency and operational improvements throughout U.S. Federal Departments and Agencies, State, Local and Education (SLED), and the defense industrial base.
To understand the significance of such a development, we must take into account how offensive activity from state-sponsored threat actors continues to rise and exploit new and existing vulnerabilities across the nation’s most mission-critical infrastructure.
Against that, Claroty’s revitalized CTD brings forth an ability to swiftly prioritize and remediate exposure based on exploitability. You see, security teams will be now able to contextualize and prioritize remediation for the most critical vulnerabilities with enrichment from CISA’s Known Exploited Vulnerabilities (KEV) catalog.
Now, when you put that alongside the existing support for Exploit Prediction Scoring System (EPSS), the resulting setup should be able to orchestrate automated vulnerability “priority group assignments,” which is a more sophisticated method of categorizing and ranking vulnerabilities, as well as their associated assets
Complementing this would be the availability of flyaway kits’ portability that can come in handy when the agenda is to expedite the process regardless of resource constraints, thus empowering organizations to more swiftly reduce risk and optimize limited resources.
Next up, we must expand upon Claroty’s enhanced CTD’s operating system (ClarotyOS) for STIG-hardened configuration management controls (CM-2) that tend to support U.S. Federal government FISMA and Department of Defense Risk Management Framework (DoD RMF) requirements for Federal agencies.
Not just that, achieving compliance with these controls also makes it possible for organizations to satisfy NIST 800-53 Rev5 requirements, as they would stand a better chance then to securely configure their technology solutions and protect against potential threats.
Another detail worth a mention is rooted in the introduction of FIPS-140-2 / FIPS-140-3, ClarotyOS capabilities that come decked up with the means to help you achieve a FIPS-140-2/3 compliant outcome, both for data in-transit (SC-8 / SC-13), and at-rest (SC-28) at deployment.
Beyond that, we have NIST SP 800-53, FISMA, ISA/IEC-62443 that allow users to add time-based one-time passwords (TOTP) for multi-factor authentication.
There is also a ISA/IEC-62443 compliance reporting facility to confirm whether the environment, network, or site satisfies IEC standards. In essence, this reporting provides critical insights that help analyze the organization’s compliance status and simplify the evaluation process.
Founded in 2015, Claroty’s rise up the ranks stems from providing the deepest asset visibility and the broadest, built-for-CPS solution set, which is inclusive of exposure management, network protection, secure access, and threat detection. Markedly enough, the company can provide these capabilities on premise with Claroty Continuous Threat Detection (CTD) or in the cloud with Claroty xDome.
Claroty’s excellence in what it does can also be understood once you consider it is deployed by hundreds of organizations at thousands of sites globally.
“Government agencies are fighting an uphill battle right now, facing greater threats with fewer resources,” said Jen Sovada, General Manager, Public Sector at Claroty. “They need technology that comprehensively addresses current and emerging cybersecurity threats so they don’t sacrifice efficacy for efficiency. Claroty continues to develop CTD intentionally, to meet the specific needs of those working to secure our nation’s critical operations—from understanding exposure, remediating vulnerabilities, and enabling compliance.”
