Published on: July 29, 2024
SafetyDetectives recently interviewed Bill Noto, the Vice President and Industry Principal at Claroty, to delve into the intersection of cybersecurity, operational technology, and renewable energy. Bill Noto brings a wealth of experience from his previous roles at GE and Fortinet, as well as a strong academic background in computer science and renewable energy. At Claroty, he spearheads the solution, customer, and product marketing teams, focusing on innovative strategies in complex environments.
Can you introduce yourself and talk about your role at Claroty?
My name is William Noto and throughout my career I’ve served as a leader at the intersection of cybersecurity, operational technology and renewable energy. As Vice President, Industry Principal at Claroty, I lead the solution, customer and product marketing teams, where I develop a proven track record of innovating in complex, cross-functional environments. Beyond Claroty, my work has also been instrumental in securing several key patents in wind turbine technology and industrial asset management. Prior to joining Claroty, I spent 12 years at GE before leading OT marketing at Fortinet for two years. I also hold a BA in Computer Science from Middlebury College and an MBA in Renewable Energy from UMass Amherst.
Can you give us an overview of Claroty’s core mission and how it serves your clients?
Claroty’s core mission is to ensure that the virtual and physical worlds can safely converge and connect. We serve our clients by providing tools to protect cyber-physical and critical infrastructure systems across both public and private sectors.
At Claroty, we are hyper aware of the fact that companies cannot protect what they cannot see. Our aim is to give customers the visibility and insights needed to proactively protect systems from attacks. Claroty’s solutions cut through countless alerts to help customers prioritize the risks that are mission-critical. Through this work, we help the most at-risk industries — healthcare, manufacturing, energy, and more —bolster their cybersecurity efforts.
Our cyber-physical systems protection platform integrates with customers’ existing infrastructure to provide a full range of controls for asset inventory, exposure management, network segmentation, secure access, and threat detection. Backed by the world’s largest investment firms and industrial automation vendors, Claroty is deployed by hundreds of organizations at thousands of sites globally.
With the astronomical growth in connected devices, Claroty will continue to address needs, like meeting new regulations, from different businesses across verticals that have emerged from the growing frequency of cyberattacks.
In the context of cybersecurity, how important is it for companies to have an incident response plan, and what should it include?
Incident response plans are an essential method of staying on track with your organization’s cybersecurity framework, a foundational element of cyber and operational resilience. However, understanding and aligning with the intricacies of each framework to develop an effective incident response plan can prove difficult. Critical infrastructure organizations must ensure they are implementing the right tactics to monitor and assess the effectiveness of security controls, identify areas for improvement, and develop and implement an incident response plan that is aligned with these elements.
It is also crucial to ensure that incident response plans consider where control systems are operating counter to safe and reliable operations while considering scenarios inclusive of adversary TTPs. Using a platform that provides this information by delivering full-spectrum asset discovery, segmentation, threat detection, risk and vulnerability management, and triage and mitigation controls for OT networks can be especially useful for this. Incident response and mitigation is essential for adhering to guidelines within many cybersecurity frameworks, like the NIST framework, which requires it.
How does Claroty tailor its solutions to meet the unique security needs of Extended IoT environments?
As Extended IoT (XIoT) networks become widespread in critical infrastructure, there will be a shift from focusing on the network to prioritizing the security of individual assets in CPS. Organizations will balance maintaining physically separate sites with embracing an asset-centric approach for digital infrastructure to stay competitive.
Like the efficiency seen in IT networks, there are cost benefits to using virtualization in previously isolated networks. However, making virtual and converged XIoT networks practical requires a clear understanding of secure operations, detecting policy violations, and effective segmentation using firewalls and micro segmentation—a shift that is becoming the new normal in cybersecurity architectures.
Claroty is attuned to this context and the importance of securing XIoT environments. We’ve tailored our solutions to boost IoT asset visibility to address this. In fact, Claroty and ServiceNow recently announced a partnership to further protect XIoT environments. By releasing a new set of native integrations, together we are ensuring all connected XIoT devices are not only secure but are being properly managed.
This collaboration opened the door for customers to automate discovery of all XIoT assets — including operational technology, internet of medical things, building management systems, and other commercial IoT assets. Customers can also merge newly discovered XIoT inventory with current IT inventory and extend existing IT or SecOps vulnerability triage workflows and capabilities to XIoT systems. With the XIoT environment growing, we are doing everything in our power to keep extended assets protected.
What role do you believe AI and machine learning play in advancing cybersecurity defenses?
AI and machine learning will undoubtedly enhance cyber defenses in the coming years. Claroty is adding AI to have the horsepower to help organizations stay secure 100% of the time. That being said, the increased adoption of data-reliant technologies like AI and machine learning is also expected to increase cyber vulnerabilities for XIoT systems. While this will lead many organizations to focus their security investments on IT to keep pace with these emerging technologies, it is critical that they do not overlook the OT risks also associated with them.
Critical infrastructure industries such as manufacturing and healthcare – where IT and OT networks are continuing to converge – must balance security investments across both environments to ensure they are truly prepared against risk. While many of these industries may seem primed for AI adoption, it is crucial that they do not rush into adoption without taking the steps necessary to secure their expanded attack surfaces.
What are the common misconceptions about cybersecurity in industrial environments that you encounter?
One common misconception is that OT security is not as important as IT security. While this may have once been the case, the number of connected assets today has made OT security non-negotiable. Some threat actors are even using IT weakness points to access OT systems, indicating the importance of enhancing security for both IT and OT environments. However, most critical infrastructure organizations have a difficult time prioritizing OT vulnerabilities to effectively mitigate the most dangerous threats in their environment. Between global conflict, emerging technology and siloed workflows across IT, security and operations teams, you’re left with one thing – greater security risks. Organizations must eliminate the misconception that OT security is not a priority if they want to stay protected against increasingly complex attacks.