September 10, 2024 at 10:27AM
Cyber-physical systems security firm Claroty warns that excessive use of remote access tools in operational technology (OT) environments can heighten cybersecurity risks. Their analysis reveals that 55% of organizations use four or more remote access tools, with some relying on 15-16, many lacking essential security features. This poses serious security and operational challenges.
Based on the meeting notes, the key points are:
1. Excessive use of remote access tools in operational technology (OT) environments can increase the attack surface, complicate identity management, and hinder visibility, as highlighted by the cyber-physical systems security firm Claroty.
2. Claroty’s analysis of data from over 50,000 remote access-enabled devices in customers’ OT environments reveals that 55% of organizations use four or more remote access tools, with some relying on as many as 15-16 tools, including non-enterprise-grade ones.
3. Several remote access tools lack essential security features such as session recording, auditing, role-based access controls, and multi-factor authentication, making them inadequate for defending OT environments.
4. Certain remote access tools, such as TeamViewer and AnyDesk, have been targeted by sophisticated threat actors, posing additional security concerns.
5. The use of remote access tools in OT environments introduces both security and operational issues, including increased attack surface, higher costs with more tools, monitoring and detection inefficiencies, and deployment mistakes due to missing centralized controls and security policy enforcement.
Overall, the excessive use of remote access tools in OT environments presents significant cybersecurity challenges and risks, including vulnerabilities, high costs, and operational inefficiencies.