Original equipment manufacturers (OEM) and medical device manufacturers (MDM) have provided well-structured ways of identifying each of their respective cyber-physical systems (CPS) assets in the physical world, but the same cannot be said in the digital world.
Depending on the information source and communication protocol in use, inconsistencies abound in the aliases linked to different industrial and healthcare equipment. This lack of standardization presents a number of challenges that leave organizations scrambling to ascertain whether they have a complete picture of all the assets in their environments and, consequently, of the risk present.
Claroty’s data-driven examination of the problem, available today in the latest Team82 report, “Resolving the CPS Identity Crisis,” exposes the scale of this issue by demonstrating the variances in available product information. It also presents the need for a centralized repository that makes available OEM and MDM default configurations, current vendor-approved patch levels, and whether devices are shipped with default or known credentials, and that helps identify other risks that impede last-mile remediation.
As for quantifying the problem, our research revealed:
88% of CPS assets do not currently transmit an exact product code.
76% transmit product names that differ from the vendor’s official record.
This is where the CPS Library can change the game for CPS risk management. Featuring AI-driven techniques paired with industry-leading expertise, the CPS Library is that centralized repository of necessary identifiers that can be used to properly match assets to known vulnerabilities. The resulting visibility allows organizations to improve the mapping of CPS assets throughout their enterprise networks, which in turn helps security teams with remediation and risk reduction efforts.
We applied our advanced approach to the product catalog of a popular OEM and saw dramatic improvements in asset identification and visibility:
For this OEM, our process for mapping accuracy showed a significant improvement, increasing the product code identification from 4% to 83%
With a matched product code, 56% of devices received new or updated security recommendations for outdated firmware
As a result, we were able to improve the accuracy of identifying vulnerabilities by 25%
Without adequate visibility and device identification, organizations simply cannot manage exposures and proactively mitigate threats. The standardizations in the CPS Library enable users to identify products more completely and map those assets to known vulnerabilities.
Read the full report here to see the full findings.