Dave Weinstein - Claroty

In 2015 we started Claroty to secure the safety and reliability of industrial control networks that run the world, reducing the risk of costly cyber-attacks.

We are all aware of the importance of cyber security in IT to prevent malware attacks that can steal data and shut down websites or entire facilities. At first this was only a concern for IT because the systems were separate. Now that manufacturers have access to more sophisticated operational technology (OT) that converges with their IT network, facilities of all sizes are at risk. We noticed that no one was addressing this issue and there was a significant gap in the market.

However, it’s not as simple as applying traditional IT cybersecurity software to OT. Industrial control systems speak exclusively over closed protocols that cannot be understood. Our CTO and co-founder saw the opportunity to build a custom tool unit that could monitor protocols in OT.

Our company started fairly small and after receiving investments from large companies we now have over 130 employees working in our head office in New York as well as partners in Tel Aviv and the Asia-Pacific region. We have customers across a range of vertical sectors in the industry such as pharmaceuticals, mining, and oil and gas in over 25 countries.

Our Claroty Platform is an integrated set of cyber security products that provides extreme visibility, unmatched cyber threat detection, secure remote access and risk assessments for industrial control networks.

Our continuous threat detection products offer manufacturers continuous monitoring and real-time insights about their system. It is designed to ensure safe, secure and reliable operations in large, complex networks to ensure it does not impact operational processes.

Secure remote access enables businesses to safeguard their networks from unmanaged and unmonitored remote access. This is a single, manageable and clientless interface that all external users can connect on that is separate from the internal network. It can help to facilitate software updates, periodic maintenance and other support activities without compromising security.

Manufacturers can purchase this software with a subscription service that is based on the size and number of sites, the number of devices and the amount of traffic that is delivered between these devices. This makes it affordable for any business as they will only pay for what they need.

Discovering devices is always the first thing we do when working with a new business. This may sound trivial, but most of the larger companies that we work with struggle to understand what is on the network and do not have a real-time asset inventory. By connecting the network to our platform, we can discover every device and baseline the amount of daily traffic. OT networks use mainly machine-to-machine communication that is repeatable and predictable, so our platform can interpret and predict all of this communication and will notice threats based on deviation.

Our initial challenge was to develop the sophisticated analysis needed to reverse engineer protocols to efficiently monitor the network. This required interpreting and monitoring communication between a range of devices made by different manufacturers such as GE, Schneider Electric and Honeywell. We were a small company with few resources so buying the equipment to achieve this was going to be expensive and time consuming.

We also realised that we had a cultural challenge of convincing end users that they must focus on OT security as much as IT security. There are many famous examples of IT security attacks that make industrial companies aware of the importance of cyber security. There are no OT equivalents that have been as impactful, so there was no real urgency for our equipment when we first started.

However, as IT and OT converged, companies have realised that they are exposed if their OT systems are not secure. We are educating the industry about why and how to improve OT security and ensure that they adopt the right protocols to secure their facilities.

Claroty is not the only OT security platform on the market but we offer a breadth of support that companies require to secure the entire network. We understand the protocols and how they communicate so we can offer a deeper level of visibility that other companies cannot provide.

Our platform can also integrate seamlessly with the rest of the ecosystem. We set the alert feeds to go to the correct person that can make immediate changes to secure the network, rather than sending a message to the facility floor. We also translate the language spoken by OT equipment to one that can be digested and actioned by the right people in the company.

Our goal is to lower the barriers to adopting this technology and democratise security. Companies of any size should consider how OT security can impact their business and our product gives them the right resources in the right amount of time and at the right cost for the size of their operation.

Internet of Things (IoT) devices are becoming more widespread and populate more and more OT networks. More companies are beginning to realise Industry 4.0 and transform their processes to improve productivity and reliability.

As industrial automation becomes even more sophisticated, we plan to offer services to secure the world’s most critical infrastructure. Claroty will make sure that businesses can digitalise at a rapid pace without sacrificing security.