Claroty CEO Yaniv Vardi on the Need to Guard Medical DevicesWhy Claroty Is Offering IoT, OT, IoMT and Connected Device Security in One Platform
The purchase of healthcare security startup Medigate means Claroty can address the IoT, OT, IoMT and connected device needs of hospitals from a single platform.
The New York-based industrial security vendor says its single-platform approach facilitates everything from network mapping and segmentation to continuous threat detection and greater visibility into connected devices, says CEO Yaniv Vardi. The company's relationships with Rockwell Automation and Schneider Electric offer access to proprietary protocols and unmatched domain expertise, Vardi says (see: How to Defend Critical Infrastructure Against New Threats).
"Healthcare, being a market with great needs, was one that we wanted to address as part of the strategy of addressing the physical world," Vardi says. "Our xDome cloud offering combines our capabilities for the benefit of industrial, manufacturing, healthcare and commercial enterprises."
In this video interview with Information Security Media Group, Vardi also discusses:
- Why industrial cybersecurity customers need to safeguards IoMT devices;
- How the Medigate acquisition compares to Forescout's buy of CyberMDX;
- The fastest-growing technologies within Claroty's portfolio during 2022.
Vardi is responsible for leading Claroty through its next stage of growth and solidifying its position as the leader in OT security. Prior to joining Claroty, he served as global managing director of Centrica Business Solutions International, managing eight countries and expanding the company's proposition mainly in Europe, South America and Asia-Pacific into a significant business. Prior to joining Centrica, Vardi was the CEO of Panoramic Power, a global pioneer in energy management solutions for global C&I customers, which was acquired by Centrica. Before that, he was co-founder and managing director of Sparta Systems EMEA, successfully driving its operations to be the leading provider of QMS in the life science industry and leading the company to a successful acquisition.
Michael Novinson: Hello, this is Michael Novinson with Information Security Media Group. I'm joined today by Yaniv Vardi. He is the CEO at Claroty. And he joined Claroty in July 2020. Since that time, he has raised $540 million in two rounds of funding, and spearheaded the acquisition of Medigate last year. Yaniv and I are going to take a look back at 2022, this was to look ahead at what to expect in 2023. Good morning, Yaniv. How are you?
Yaniv Vardi: Hey, good morning, Michael. Very good. Thank you.
Novinson: Thanks so much for making the time here. Want to start off with something I just raised, that being the acquisition of Medigate. I know it's been roughly a year since that acquisition was announced. What has that done? What does that mean for Claroty and its customers, bringing Medigate in?
Vardi: Sure. Obviously, the market that we're addressing is the cyber physical systems and Claroty, prior to the acquisition, was focusing on critical infrastructure, industrial manufacturing, and the biggest differentiation for us was our domain expertise. We're really focusing on helping these organizations securing all the physical assets that are connected. The health care side of things was also under attack, and still is, unfortunately. And so health care being a market with great needs was one that we wanted to address as part of the strategy of addressing the physical world. And hence why we decided to acquire Medigate and combine and merge the two companies together to really secure the cyber physical systems in the critical infrastructure. Since then, we merged the two companies, we came up with xDome, our Cloud offer that combines the benefits and capabilities for the industrial manufacturing, healthcare and commercial enterprises. Since then, we're not only now addressing all the industrial control systems and the related assets, the IIoT (the industrial IoT), the IoMT, on the medical device, the clinical assets, but also the enterprise IoT. And so combine it all in one platform over the cloud, to take advantage of our domain expertise, and take it to the next level, providing unmatched visibility, because that's what we learned is one of the biggest challenges that our customers in the market is going through, vulnerability and risk management with the mitigated actions that customers need to take, threat detection in real time, and secure remote access, all following the holistic approach in a unified platform.
Novinson: So, in terms of those different arms that you mentioned, is it typically the same customer who's turning to you for IIoT, IoMT, OT or are they typically different customers who want each of those capabilities?
Vardi: So, the customers - if it's an industrial company or a utility, or oil and gas company, will always have the IIoT, the industrial IoT with different sensors, like temperature, pressure sensors, but also OT assets. Think about PLCs and HMIs, and SCADA. But today, the CISA would like to make sure they also cover all connected physical assets within the four walls of a side, hence BMS (building management systems), and not just the industrial side of things, but also the BMS and the smart cameras and whatever is connected. Same for hospitals. It's not just covering IoMT, not just the medical devices, but the BMS, the elevators, the smart cameras and smart devices, everything that is connected in the network should be protected. And so to your question, today, the CISOs are trying to look at a holistic approach that cover visibility, for example, for all connected assets and not just one area or another.
Novinson: In terms of the Medigate acquisition, was that primarily bringing you into a new set of customers, notably hospitals and health care organizations? Or was there a need for that IoMT technology? Also, within your existing customer base, where there a lot of existing customers clamoring for that?
Vardi: It's actually both right. So the differentiation of Medigate versus others by far is the solution but also their market share, their customers - they have thousands of hospitals using them to protect their networks. By far, they're leading the market, winning best in class. The industry report year over year as the best health care cybersecurity solution that is out there. So it's actually both that we gain from.
Novinson: From the standpoint of the customer with the rollout of xDome in August, what's the tangible benefit for customers of having that single platform for that IIoT, for the OT, for the IoMT, for the connected devices? What is the need for customers to have this all on one platform?
Vardi: Sure. So first, unmatched visibility. It's not just one set of devices that you identify, but all connected assets are being identified. Like I said, from the OT, or the IIoT, the industrial IoT, to the BMS, to IoMT, all connected devices are now visible, mapping the network, understanding what you have and how these assets are connected is a must for this organization. And then we get into vulnerability and risk management. We get into network policy management, the ability to perform network segmentation, we get into continuous threat detection, all in one class.
Novinson: Wanted to talk a little bit about the market landscape. And what we've seen, most notably Forescout also extended to the health care security space with their acquisition of CyberMDX. How do you feel the combination that Claroty-Medigate combination stacks up against Forescout and CyberMDX? What makes your combination different?
Vardi: Sure. Look, these companies are also great companies, without a doubt. The differentiation we look at Claroty and Medigate together combined is really covering all assets without domain expertise. The proprietary protocols that we address, the domain expertise that we have, the relationship with the device manufacturers, if it's Rockwell Automation, Schneider, Siemens on the industrial side, or if it's the device manufacturers on the medical device side of things, the relationships, these proprietary protocols, the domain expertise is really what differentiates Claroty and Medigate, the merge, from others.
Novinson: And want to get a sense, because they know your business spans industrial commercial healthcare. What's been the fastest growing area, the fastest growing technology within Claroty portfolio this past year and why?
Vardi: Sure. It's a good question. Look, first, it's definitely clear for us that connectivity and the race for connectivity is accelerating big time, you know, talking about 30 billion devices, IoT devices, connected by 2025, the race to connectivity by far outpaced the ability to secure it for these companies. And so, we see that on the industrial and manufacturing side, all critical infrastructure are really pushing forward, all legacy devices being connected, and also adding more and more IoT devices. Same for health care, we see more and more hospitals are connecting devices to be more effective, more efficient. You know, these verticals are really pushing forward as they need to be more productive, they need to be more competitive. But like I said, they're creating a bigger exposure and kind of expanding the attack surface by going after this connectivity. And all these verticals, I can say that one vertical was, you know, accelerating more than others, all verticals accelerated all critical infrastructure. And at the same time, unfortunately, were attacked. There's a huge percentage of companies who are impacted by ransomware between 2021-2022. And so these companies, not only they are accelerating connectivity, but at the same time, also getting aware to all these attacks, are getting impacted by these attacks. And we need to make sure they have a solution in place to mitigate the risk.
Novinson: Of course. Let's get into the crystal ball here for a few minutes. Look ahead to 2023. For starters, wanted to get a sense of the biggest market opportunity that you're hoping to tackle at Claroty in the year ahead.
Vardi: Yeah, so we'll continue to focus on critical infrastructure, industrial manufacturing health care, because by far, this is the most attack an impacted market today. But at the same time, the market is increasing and accelerating connectivity. We'll continue to focus on that market. We're also starting to serve as the public sector. And so obviously with the Biden administration, executive orders and the different regulations that are coming with the latest cyber performance goals that were published by CISA. We have more and more companies that are not only being aware, but also taking actions. And so, we are starting to service the public sector as well, not just the private sector, both on the federal, but also the state and local governments levels, and we are starting to service this market as well.
Novinson: I see that's very interesting. A two-parter for you. So first off, what are the most significant differences between the needs of the public sector, whether it be federal or state or local, versus the private sector organizations you've traditionally served? And then secondly, what do you see Claroty fitting in terms of the needs that these public sector organizations have?
Vardi: I mean, the needs for the public sector are very similar to the private sectors as far as - first, get to understand and map the network, right? So, visibility is the number one step that the public sector, state and local as well as federal, will have to go through, start to monitor these assets, provide true asset management. And then on top of vulnerability and risk management and threat detection, what we see, obviously, you know, some of the differences are more on the on-premises versus cloud needs, or the willing to jump on the cloud versus the need to stay with the solution on-premises. This is, you know, the differentiation that we see between the different verticals and the sectors, we have this, we have both solutions - on-prem. and cloud. And also, obviously, the speed of moving along and addressing the needs. We also make sure to always partner with a service provider to provide a holistic approach for our customers. And so always a service provider together with Claroty and our technology will address the needs in a public sector to make sure that, you know, the service provider that already has the relationships and is already embedded within the business of the public sector agency or the state or local businesses that will benefit from the combination of the service provider with the technology from Claroty.
Novinson: What investments have you made at Claroty to capitalize on this public sector opportunity, whether it be at the federal level or the state and local level?
Vardi: Sure. So we are going through a FedRAMP certification, the highest certification that is out there. We're also investing in the entity that we have in the U.S. that is addressing the public sector. So the support, the services, the customer success, the technology in all the different functions we invested to make sure we are prepared and effectively and efficiently can serve the public sector.
Novinson:From the standpoint of your customers, what are the biggest security related challenges you see them having to deal with the next year?
Vardi: Yeah, I mean, what we see is, first, a lot of, like I said, connectivity is only accelerating because these guys want to be more productive, more competitive. And so we see that the risk is being expanded, the attack surface is being expanded, right? We see one aspect of it is that the CISOs and the security executives start to understand the impact of that risk. The other trend that we see is consolidations in the market, meaning from a customer perspective, they would like to, you know, handle just the trusted advisor and a solution that is a unified solution and not too many niche players and point solutions, right? Too many solutions to handle, too much integration going on, too many service providers are in the game here. And so they really want to make sure there is a consolidation going on with a trusted advisor that can serve them. At the same time, we see consolidations in the market with more and more M&A. As you'll see more of the big players are actually getting in to acquire niche players that are more focused on verticals and territories that are smaller in size. Again, because of the market, the conditions that are going on today. You'll see more and more consolidations in the market. That will also impact the cybersecurity market next year.
Novinson: Of course. Wanted to ask you finally, gazing at the threat landscape as well, what are some of the most interesting or notable developments that you're seeing that will affect customers in the spaces that you plan?
Vardi: Sure. So first, we see the technology stack expansion, meaning the ability to cover more than before, as the attack surface is being expanded, right? We see the use of remote access growing significantly. COVID-19 really impacted that significantly, where, you know, customers are now allowing remote access by their internal users, but also third-party vendors, more than before. I think it was published last year that 40% of the U.S. economy moved to a hybrid approach where they allow remote access. And so securing remote access is also critical for these companies that are now allowing internal users and third-party vendors into the OT environment, into their networks, into their sites. Related to the public sector, we see collaboration that is being done between the private and the public sectors, understanding the needs, understanding the cyber performance goals, understanding the regulations that are coming up and addressing it. So that's another trend that we see that is coming up next year. And like I said, also the consolidations that we see today, I think we'll be accelerated big time next year.
Novinson: Of course, all very interesting things to watch. Yaniv, thank you so much here for the time.
Vardi: Thank you so much, Michael.
Novinson: You're very welcome. We've been speaking with Yaniv Vardi. He is the CEO at Claroty. For Information Security Media Group, this is Michael Novinson. Have a nice day.