In late April, the Cybersecurity and Infrastructure Security Agency expanded the Joint Cyber Defense Collaborative (JCDC) to include industrial control systems (ICS) experts in a bid to increase the U.S. government’s focus on the cybersecurity and resilience of ICS and operational technology. One company joining the JCDC-ICS effort is Claroty, a cybersecurity company that now has its foot in the healthcare space.
Below, Grant Geyer, chief product officer at Claroty, sits down with 24×7 Magazine to talk about Claroty’s new role and how it will impact medical device cybersecurity.
24×7 Magazine: Can you briefly explain what the JCDC is?
Grant Geyer: The Cybersecurity and Infrastructure Security Agency (CISA) Joint Cyber Defense Collaborative (JCDC) was established in August 2021 to unify defensive actions and drive down risk in advance of malicious cyber incidents by bringing together some of the biggest players in the cybersecurity industry. The goal of the JCDC model is to strengthen the nation’s cyber defenses through innovative collaboration, advanced preparation, information-sharing, and fusion between public and private sectors as well as federal and state, local, tribal, and territorial governments.
24×7: The announcement is about a recent expansion to include industrial control systems experts. What’s behind this expansion?
Geyer: What’s different now is that what happens in the cyber world can start to impact the physical world. Industrial control systems (ICS) are connected devices that can control the flow of electricity, ensure the right mix of chemicals in drinking water, and drive efficient production in manufacturing plants.
While digital transformation creates new sources of efficiencies, it also makes industrial enterprises vulnerable to hackers. CISA sought to expand the JCDC to ensure that companies safeguarding our infrastructure systems can provide their unique insights and mechanisms for sharing intelligence. We are proud to have been selected as part of a short list of ICS experts in the market to participate in this group. This allows Claroty to offer CISA an ICS security point of view, helping implement regulations and policies that will protect the nation’s infrastructure and citizens.
24×7: What are some of the cybersecurity challenges that critical infrastructure owners and operators face on a daily basis?
Geyer: Critical infrastructure and operational technology (OT) operating systems tend to be older than their IT system counterparts, making them more difficult to patch, update and, in general, safeguard from cyberthreats. Ransomware gangs, therefore, view them as opportune targets to attack for financial gain, and nation states can target these systems to disrupt or sabotage services that the public relies on. Most recently, the U.S. government disclosed a toolkit called Incontroller that was purpose-built to attack a Ukranian electric system.
24×7: Why did Claroty decide to join the JCDC-ICS effort?
Geyer: Our mission is to safeguard critical infrastructure and OT systems from cyberthreats. Joining the JCDC helps Claroty provide its unique perspective to advance the state of ICS security across the industry. Being able to contribute our knowledge base and offer valuable insight into safeguarding our nation’s critical infrastructure is an honor and will benefit us all.
24×7: How does the JCDC-ICS effort—and Claroty’s role in it—impact the medical device industry?
Geyer: In addition to the U.S. government citing healthcare as one of its 16 critical infrastructure sectors, hospitals have Internet-based systems connected to patients, which include clinical devices like MRI machines and infusion pumps. Additionally, hospitals rely on industrial control systems like building management systems to keep their elevators operational, their ventilation working, and many other critical functions.
In January, Claroty officially acquired Medigate, a highly awarded, healthcare-specific cybersecurity company, allowing us to advance our mission to secure critical infrastructures. Now, as a player with deep knowledge of the healthcare space, we can offer our expertise to mitigate cyberattacks on healthcare organizations. And as a part of JCDC, we can help change the future of healthcare cybersecurity for the better.
