Interviews | October 10, 2024

Legacy Technologies Threaten Critical Infrastructure Security


Armis

Nadir Izrael
CTO and Co-Founder

Armis

Q1. In your view, what are the most significant blind spots in current approaches to securing connected devices in enterprise environments?

One of the most significant blind spots that enterprises face is not knowing what connected assets they have in their environment and how these devices interact with one another. To address this, security teams should conduct comprehensive asset inventories that identify all of the devices connected to their network. This includes IT, OT, IoT, IoMT, BMS (building management systems), cloud, virtual, managed and unmanaged assets.

Once security teams have better visibility of the assets in their environment, they need to anticipate risks and threats to these devices. To do this, they can leverage AI-driven actionable threat intelligence that provides insights into potential threats, allowing organizations to understand their impact and take preemptive action.

Another area that enterprises often struggle with is effective vulnerability prioritization and remediation. Research from Armis Labs has found that patch rates for critical CVEs are not prioritized, and, irrespective of the weaponization status of a CVE, organizations consistently grapple with patch rates at 62% for non-weaponized and 61% for weaponized vulnerabilities. Therefore, it is critical that security teams take a holistic approach to prioritization and remediation, with a focus on the vulnerabilities that are most likely to be exploited and negatively impact their business.

Overall, enterprises need to shift from a reactive to a proactive cybersecurity stance. They must adopt a comprehensive strategy that proactively identifies and mitigates cyber asset risks, remediates security findings and vulnerabilities, and protects the entire attack surface. In doing so, enterprises can stay ahead of emerging threats and safeguard their digital footprint with confidence.

Q2. As more critical infrastructure becomes digitized, what do you see as the biggest security risks that enterprises are underestimating?

The digitization of critical infrastructure has led to the convergence of OT and IT assets, which greatly expands the attack surface. Legacy technology further compounds this issue and is an area that I see enterprises underestimate. Industries like Healthcare and Manufacturing are still using end-of-life (EoL) or end-of-support (EoS) operating systems that are no longer actively supported or patched for vulnerabilities and security issues by the manufacturer, making these devices vulnerable to modern cyber threats. To effectively identify and mitigate threats in real time, organizations must continuously see, protect and manage all critical assets – from the ground to the cloud.

In addition, I am seeing some enterprises underestimate how AI has transformed the threat landscape. Cyber attackers are increasingly leveraging AI to evolve their tactics and exploit new vulnerabilities, and they are doing this with more speed, scale and sophistication than ever before. That’s why the only way to combat AI-fueled threats is with AI-powered solutions.

Security teams have historically played an endless game of catch-up, caught in a constant cycle of responding to threats and attacks after they occur. This can result in compromised data, damaged reputations, significant financial loss and more. As we move beyond traditional defense to proactive, AI-powered front-footing, relying on manual processes and legacy solutions is the equivalent of bringing a knife to a gunfight. Security teams must fight fire with fire, strengthening their capabilities and defenses with AI. They need to take control of the situation, ensuring the entire attack surface is both defended and managed in real time.

Q3. What key topics or technologies does Armis plan to focus on at SecTor24? How does your company plan on engaging with customers and other organizations at the event?

SecTor24 is an important event for Armis, and we look forward to showcasing our AI-powered cyber exposure management platform, Armis Centrix. The comprehensive platform addresses the entire lifecycle of cybersecurity threats:

  • Asset Management and Security: Complete asset inventory of all asset types allowing any organization to see and secure their attack surface.
  • OT/IoT Security: See and secure OT/loT networks and physical assets, ensure uptime and build an effective and comprehensive security strategy.
  • Medical Device Security: Complete visibility and security for all medical devices, clinical assets and the entire healthcare ecosystem.
  • VIPR Pro – Prioritization and Remediation: Consolidate, prioritize and remediate all vulnerabilities and security findings; improve mean time to resolution (MTTR) with automatic remediation and ticketing workflows.
  • Actionable Threat Intelligence: Early warning Al-based system that leverages intelligence from the dark web, smart honeypots and human intelligence to stop attacks before they impact your organization.

Customers, partners and other organizations can stop by our booth (#503) to connect with our team and learn more about Armis Centrix. I will also be presenting with Mohammad Waqas, our CTO of Healthcare, on the topic, Shifting Left of Boom - 3 Keys to Running a Proactive vs. Reactive Cybersecurity Program. The session will take place Wednesday, October 23, from 11:15 - 11:45 am ET in Room 801A.

For more details about the activities we have planned at SecTor24, please visit our website.

Sustaining Partners