The discovering and providing of security data about IT assets, performed by cloud-delivered, machine-learning security firm CrowdStrike Holdings Inc. is about to be expanded. It will be augmented now through a collaboration with cyber-physical security provider Claroty Ltd.

Operational technology), extended internet of things), building management systems and other cyber-physical assets are increasingly becoming a part of an organization’s attack surface and thus must be included in overall strategy, according to Stephan Goldberg (pictured), vice president of strategic alliances at Claroty.

“With emerging technologies, everything is being converged,” he said.

Goldberg spoke with theCUBE industry analyst Dave Vellante at last September’s theCUBE @ Fal.Con event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed how the IT security space is expanding into these physical assets.  (* Disclosure below.)

Air-gapping no longer an option

“Traditionally, most manufacturers and environments that were heavy on operations … they had the networks air-gapped, completely separated,” Goldberg said.

That is no longer the case because business requirements demand everything to be networked: IoT, OT and the classic IT.

“Today we’re seeing the IT vendors on the OT side, and the OT vendors, they’re worried about the IT side,” Goldberg added. That’s as the traditionally IT-managed space merges with OT.

Air-gapping, the traditional method that cyber-physical assets, such as a controller or a turbine, have been secured, isn’t a valid option anymore.

“You don’t get updates, and you don’t really know what’s going on in your network,” Goldberg said. By adding security, “you have much higher probability detecting fast and responding fast. If you don’t have it, you are just blind,” he added.

Up first with this approach, which is being branded Falcon Discover for IoT at CrowdStrike, is to discover everything in depth. “To the level you need to know application versions of these devices — just knowing that’s an HMI [interface] or that’s a PLC [controller] by Siemens is insufficient,” Goldberg stated.

Risk assessment follows with a vulnerability score. That’s followed by actions, he added.

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of theCUBE @ Fal.Con 2022:

(* Disclosure: CrowdStrike Holdings Inc. and Claroty Ltd. sponsored this segment of theCUBE. Neither CrowdStrike/Claroty nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE