ICS Security The Purdue Model Claroty
In this article, we will discuss three ways that the Purdue Model can
help organizations limit the scope of what an adversary can do or
access within their converged enterprise and how they can enable
industrial operational resilience.
Essentials of the Purdue Model
NotPetya is still widely regarded as the costliest and most
destructive cyberattack in history. However, it also served as a
warning for organizations to prioritize industrial operational
resilience, which NIST defines as: “The ability of systems to resist,
absorb, and recover from or adapt to adverse occurrence during
operation that may cause harm, destruction, or loss of the ability to
perform mission-related functions.” Operations came to a standstill at
multinational corporations across a wide swath of sectors including
healthcare, energy, and transportation, resulting in an estimated $10
billion in damages. It was only a matter of time for cybercriminals to
realize that operational technology (OT) networks are critical to
operations, and therefore extremely valuable.
This process can be a drawn-out and costly endeavor. But Claroty’s
Continuous Threat Detection (CTD) is here to help, with a unique
feature called Virtual Zones, which enables virtual segmentation
within the OT environment. Claroty’s CTD maps out network
communications to provide behavioral baselines. It also uses these
baselines and leverages AI to segment the entire network into
Virtual Zones, which are policy-defined groups of assets that
communicate with one another under normal circumstances. This
can include microsegmentation for XIoT, creating even smaller
groups of assets with which these devices can communicate. CTD’s
Virtual Zones feature is a cost-effective and efficient way to establish
what “normal” looks like and be alerted to lateral movement from
malicious actors as they try to establish a presence, jump zones, and
move across the environment.
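
A simplified illustration of the baseline-then-alert idea described above, as an added example that is not Claroty's code or algorithm: zones here are just groups of assets connected by baseline flows, a plain stand-in for CTD's AI-driven grouping. All asset names and flows are constructed.

```python
# Constructed baseline: (src, dst, dst_port) flows seen during a learning period.
BASELINE = [
    ("hmi-1", "plc-1", 502),
    ("hmi-1", "plc-2", 502),
    ("eng-ws", "plc-1", 44818),
    ("cam-1", "nvr-1", 554),
    ("cam-2", "nvr-1", 554),
]
# Constructed live traffic to classify against the baseline.
LIVE = [
    ("hmi-1", "plc-1", 502),       # seen before
    ("eng-ws", "plc-2", 44818),    # new pair, same zone
    ("cam-1", "plc-1", 502),       # camera reaching into the PLC zone
    ("laptop-x", "plc-1", 502),    # asset never seen in the baseline
]

def build_zones(flows):
    """Map each asset to a zone id: assets linked by baseline flows share a zone."""
    parent = {}

    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            parent[a] = parent[parent[a]]  # path halving
            a = parent[a]
        return a

    for src, dst, _port in flows:
        parent[find(src)] = find(dst)      # union the two groups
    return {asset: find(asset) for asset in list(parent)}

def classify(flow, zones, allowed):
    """Return a verdict for one live flow."""
    src, dst, _port = flow
    if flow in allowed:
        return "baseline"
    if src not in zones or dst not in zones:
        return "alert: unknown asset"
    if zones[src] != zones[dst]:
        return "alert: cross-zone"
    return "alert: new in-zone flow"

def evaluate(live, baseline):
    zones, allowed = build_zones(baseline), set(baseline)
    return [classify(f, zones, allowed) for f in live]

if __name__ == "__main__":
    for flow, verdict in zip(LIVE, evaluate(LIVE, BASELINE)):
        print(flow, "->", verdict)
```

The cross-zone verdict is the one that corresponds to an actor trying to jump zones; the in-zone and unknown-asset verdicts are lower-priority deviations from the baseline.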
You can’t prevent every attack, but you can get ahead of certain
threats by assessing your security posture and prioritizing patching
known exploited vulnerabilities. In instances where patching isn’t
possible or practical, such as with legacy systems or XIoT devices
you don’t control, compensating controls and smart best practices
enabled through the Purdue Model will bridge the gaps and
strengthen operational resilience.
Understanding the above three ways the Purdue Model can protect
your organization from today’s advanced cyberthreats is key to
successfully securing your industrial control systems. A strong
network architecture, similar to that of the Purdue Model, improves
overall ICS security and provides a foundation for additional security
measures to be incorporated over time. As we’ve established,
securing your industrial environment starts with strong architectural
defenses. Establishing network segmentation, implementing a Zero
Trust architecture, and maintaining an effective vulnerability management
strategy are essential concepts the Purdue Model supports. By
partnering with an ICS security provider, like Claroty, organizations can
successfully implement these concepts, allowing for cyber and
operational resilience.
© 2023 Claroty. All rights reserved.