Latest news with #Claroty
Techday NZ
01-07-2025
- Business
- Techday NZ
Wavelink appoints Danny Meadows to lead expansion in New Zealand
Wavelink has launched its operations in New Zealand, appointing Danny Meadows as regional manager in a bid to strengthen relationships with local partners and vendors while expanding its presence in the region. The company has historically provided support to New Zealand partners from its Australian operations for over two decades. With this new investment, Wavelink will now establish a dedicated local team in New Zealand, led by Danny Meadows. This strategic move forms part of a broader regional expansion plan and responds to increasing demand from vendors and partners for a stronger local presence. Expansion and leadership The appointment of Meadows and the establishment of a New Zealand team denote Wavelink's intention to build a lasting presence in the market and accelerate growth. The company aims to align its operations more closely with the needs of strategic vendors and to better support joint go-to-market efforts. The New Zealand technology market is experiencing heightened demand for advanced solutions in cybersecurity, mobility, storage, and networking, particularly within key sectors such as critical infrastructure, government, healthcare, and logistics. Wavelink plans to address this demand by introducing its range of mobility and security vendors, including Censys, Claroty, Garland Technology, Honeywell, Orca Security, Penguin Solutions, SOTI, Spectralink, and Swimlane. Additional vendors are expected to be added in the coming months. Supporting local partners Wavelink's expanded presence will mean local partners have access to portfolio solutions that are already established in neighbouring markets, supported by enablement, training, and support services. This is expected to help channel partners accelerate deal cycles, support evolving customer needs, and improve competitiveness in New Zealand. Ilan Rubin, chief executive officer, Wavelink, said, "Expanding into New Zealand is a key part of Wavelink's regional growth strategy. There is increasing demand from partners and vendors for a local presence, and this investment reflects Wavelink's commitment to meeting that demand with the right people and support. Having Danny on the ground gives Wavelink the ability to provide a more consistent and dedicated partner experience and meet the growing expectations of the vendor community. Danny's appointment reflects Wavelink's commitment to New Zealand as a growth market and positions the business to accelerate its momentum, especially as many vendors serve both the Australian and New Zealand markets. Danny's industry experience, local insight, and partner-first mindset align strongly with Wavelink's values, and the company is confident he will play a key role in shaping the next phase of its ANZ expansion." Danny Meadows will operate from Auckland, tasked with developing Wavelink's network of partners and building a local team. His background includes decades in the IT industry and experience building high-performing teams within both distribution and vendor roles. His main focus will be on onboarding and enabling partners, helping ensure that Wavelink's proven approach and vendor portfolio is effectively introduced to the New Zealand market. Danny Meadows, regional manager, New Zealand, Wavelink, said, "I'm excited to be joining Wavelink and using my extensive network and local knowledge to further establish the New Zealand arm of the organisation. Wavelink's unique approach to distribution will be a huge selling point to open doors to channel partners. Wavelink's reputation for delivering genuine channel value and its strong portfolio of vendors make this an ideal time to launch a local presence in New Zealand. I'm looking forward to building the business with the support of an experienced and committed team." The company's move is seen as a response to global vendor demand for consistent coverage and strengthened capability across the Australia and New Zealand region. By investing in local leadership and market capability, Wavelink aims to reinforce its position as a trusted partner across both sides of the Tasman. Follow us on: Share on:
Yahoo
26-06-2025
- Business
- Yahoo
Most building management systems exposed to cyber vulnerabilities, experts warn
This story was originally published on Facilities Dive. To receive daily news and insights, subscribe to our free daily Facilities Dive newsletter. Three out of four companies have building management systems vulnerable to hacking or cyberattack, according to a new research paper by Claroty, a cyber-physical systems protection company. More than half of affected organizations had systems insecurely connected to the internet with known exploited vulnerabilities that were linked to ransomware, it said. The report studied over 467,000 building management systems across 500 organizations. Within those organizations, 2% of devices essential to business operations were operating at the highest level of risk exposure, according to the report. The high exposure level of these devices provides malicious cyber actors with easily accessible entry points that 'leave the door open to costly and potentially dangerous disruptions,' Claroty said Wednesday in a release. This combination of risk factors is concerning due to the widespread reliance on these systems to operate HVAC, lighting, energy, security and other systems in commercial real estate, retail, hospitality and data center facilities, the company said. Many building management systems are old and were not built with internet connectivity in mind. As a result, some may no longer be supported by their respective vendors, meaning vulnerabilities remain unpatched, Claroty says. While these systems were previously operated independently by facilities management staff, they are now more commonly connected and integrated using advanced building management and building automation systems, according to the report. But the benefits of connecting operational technologies and Internet-of-Things devices to the internet come with 'very clear cybersecurity tradeoffs if not properly managed,' Claroty says. Third-party access provides another set of risks, with many vendors bringing in their own remote access technologies that may not be enterprise-grade or support security features like multifactor authentication, Claroty says. For facilities managers working to meet occupier demand for high-tech amenities, integrating vendor technologies can present trouble, according to Tom Karounos, global head of building technology at Tishman Speyer. 'You start adding these things, you add complexity from other vendors coming in and plugging things into your network, [and] you always run the risk' of a cyber attack, Karounos said during a panel at the Realcomm IBcon conference earlier this month. Organizations undertaking digital upgrades have an opportunity when bringing BMS online to measure the business impact and safeguard the operational criticality of those devices, Claroty says. They can accomplish this by adopting a security framework that provides decision-makers and asset owners with a true assessment of security, as well as a remediation plan that can assist risk management teams and is understandable by executives, the company says. 'With BMS controlling so much of modern-day CPS infrastructure, it's critical to move from a reactive approach to a proactive strategy,' Claroty says. 'Unless organizations use a comprehensive asset management solution to discover every device within a network, vulnerabilities and risks to critical assets can lurk unseen.' The cyber-physical security firm advises a five-step action plan for this framework, including scoping, discovery, prioritization, validation and mobilization. By following these steps, operators can gain full visibility into assets and their exposure, assess the potential impact on business continuity and provide security and operations teams with information that can enable practical, non-disruptive risk reduction, per the report. Vetting vendors is especially important, according to Karounos, who says his company has a rigorous evaluation process. 'We do that on a yearly basis,' he said.'We take the vetting process very seriously, and we partner with our procurement team to keep us honest, so there's no ambiguity there.' Recommended Reading Understanding cyber risk in smart building tech
Techday NZ
20-06-2025
- Business
- Techday NZ
Exclusive: Logistics firms face rising OT cyber threats amid global tensions
Cyber attackers are increasingly targeting logistics and supply chain networks, aiming to destabilise nations and gain strategic leverage without ever crossing a border. According to Leon Poggioli, ANZ Regional Director at Claroty, the recent cyber espionage affecting logistics firms supporting Ukraine is not an isolated trend but part of a broader pattern. "There's two key reasons nation states do this," he explained during a recent interview with TechDay. "One is to disrupt the other nation's defences, and the other is to put political pressure on the general public by interfering with their supply chains." These attacks frequently target operational technology (OT) systems - the core infrastructure behind physical processes in logistics, energy, manufacturing and healthcare. Poggioli said attackers exploit connectivity in these environments to carry out sabotage remotely. "A lot of these environments have some kind of external connectivity, so that gives an attacker an ability to remotely trigger a cyber attack and disrupt those supply chains." In some cases, tactics have extended to disrupting weapons infrastructure, such as drones. "When one nation uses drones, the other will defend itself by trying to jam signals and disrupt that infrastructure," he explained. Compared to IT systems, OT vulnerabilities can be far more complex and risky to remediate. Poggioli noted that in OT, even small changes can impact safety and operations. "In the IT world, it's easy to push patches out," he said. "In OT, even a minor change can disrupt operations, so remediation needs to be more targeted." Claroty's platform is built to help organisations quickly cut through large volumes of vulnerability data to find what really matters. "A site may have 1,000 vulnerabilities, but we can whittle that down to the five that make the most impact," he said. "That becomes a manageable number that a cyber leader and OT asset manager can act on within weeks." Recent data from Claroty's global survey of cybersecurity professionals reinforces the growing financial and operational risks posed by cyber attacks on cyber-physical systems (CPS). Nearly half of respondents (45%) reported financial impacts of $500,000 USD or more from such attacks in the past year, with over a quarter suffering losses of at least $1 million. These costs were largely driven by lost revenue, recovery expenses, and employee overtime. "It's a growing concern across multiple sectors, particularly in chemical manufacturing, energy, and mining – more than half of organisations in those sectors reported losses over half a million dollars," Poggioli said. Ransomware remains a major burden, especially in sectors like healthcare where 78% of organisations reported paying over $500,000 to regain access to encrypted systems. "These are real costs, not theoretical risks," he added. "And they're rising." Operational downtime is also widespread. Nearly half of global respondents experienced more than 12 hours of downtime following an attack, with one-third suffering outages lasting a full day or more. "When operations halt, the financial and reputational damage mounts quickly," Poggioli said. He added that one of the most pressing vulnerabilities is the level of remote access in these environments. "We're seeing around 45% of CPS assets connected to the internet," he said. "Most of that is done through VPNs that were never built for OT security." Third-party access is another growing concern, with 82% of respondents saying at least one cyber attack in the past year came through a supplier. Nearly half said five or more attacks stemmed from third-party connections, yet 63% admit they don't fully understand how these third parties are connected to their CPS environment. Poggioli pointed to this as a critical blind spot. "Legacy access methods and poor visibility are allowing attackers in through the back door," he said. Even more concerning is the risk from insiders. "You want to be able to trust your team, but someone with inside knowledge can do more damage than an external attacker," Poggioli said. "Even air-gapped environments need constant monitoring." A cyber attack on Denmark's power grid in 2023 served as a wake-up call. "One operator didn't even know they had the vulnerable firewall in their system," he said. "That's why visibility is so important. You can't secure what you don't know exists." While preparedness across the logistics sector varies, Poggioli believes the industry is slowly recognising the strategic value of cybersecurity. "It's going to become a point of competitive advantage," he said. "Customers are going to start asking serious questions about cyber security and supply chain integrity." He drew a sharp distinction between cyber criminals and state-backed actors. "Cyber criminals want fast financial gain, but nation states are more focused on political objectives," he said. "They have better resources and longer timelines. That changes the game." Poggioli warned that just because no incident has occurred doesn't mean attackers aren't already embedded in critical networks. "There's growing evidence of adversaries nesting in these systems," he said. "My hypothesis is they're preparing for future conflict. If war breaks out, they're already in position to strike." For logistics firms looking to strengthen their defences, Poggioli said the first step is basic visibility. "Most people I speak to admit they don't know 100% what's out there or how it's connected," he said. "Start with an asset inventory. Once you have that, you can start risk modelling and reduce exposure." There are signs that resilience strategies are making a difference. According to the Claroty report, 56% of professionals now feel more confident in their CPS systems' ability to withstand cyber attacks than they did a year ago, and 72% expect measurable improvements in the next 12 months. Still, Poggioli said complacency is not an option. "If you don't know how big the problem is, you won't know how to solve it," he said. "Once you understand the risks, you can act to protect your operations and show the business the value of cyber security."
Techday NZ
06-06-2025
- Business
- Techday NZ
Claroty adds business-centred risk tools to xDome platform
Claroty has introduced new capabilities to its Claroty xDome platform designed to offer organisations an impact-centric perspective of their cyber-physical systems (CPS) environment. The Claroty xDome platform now features Device Purpose and Risk Benchmarking, additions that enable users to assess how the risks within their CPS environment are influenced by the function of each device, such as those deployed across production lines, building floors, or hospital wings. These functionalities are intended to help organisations prioritise risk reduction by evaluating potential impacts on critical business outcomes and facilitate greater collaboration between CPS personnel and other business units. Research from Gartner highlights the shifting focus in this area. According to the firm, "Organisations are becoming aware of their blind spots. Asset-intensive organisations increasingly realise that CPS environments are value creation centres. A manufacturing company makes money by producing goods, for instance. Once largely 'out of sight, out of mind,' boards and C-suite executives increasingly want to know how their CPS production and mission-critical environments are protected." Historically, the CPS protection sector has concentrated on an asset-centric approach, offering detailed visibility into individual assets and their respective risks. Although developing a comprehensive asset inventory is considered a core component of any cybersecurity programme, Claroty points out that an exclusive focus on assets might inadvertently prompt security teams to invest resources in protecting devices whose compromise would have minimal or no direct business impact. The company notes the need for organisations to align remediation efforts with the business importance of each asset, whether it relates to critical public services or the company's largest revenue-generating systems. Claroty emphasises scenarios such as a security analyst and operational technology (OT) engineer evaluating two identical devices, where understanding each device's business function is crucial for determining which to address first. The Device Purpose and Risk Benchmarking features in Claroty xDome aim to enable this shift from asset-centricity to impact-driven risk mitigation. These tools furnish maintenance teams with the business context necessary to avoid process disruption, operational downtime, and financial loss. Integrating business context with technical risk profiles creates a shared framework for dialogue between security teams and CPS operators, and also links their activities with broader organisational Business Impact Analysis initiatives. Yoram Gronich, Chief Product Officer at Claroty, commented on recent challenges facing the sector, stating: "The security of critical infrastructures are under growing scrutiny as adversaries increasingly target these systems of the greatest criticality. The teams managing these environments are facing mounting pressure from multiple fronts in their organisations and need tools that exponentially make their jobs easier so they can focus on protecting the mission-critical infrastructures that sustain societal operations - that means having the business context to meaningfully reduce risk." Among the key features of Device Purpose, users can categorise assets according to a hierarchical model and taxonomy aligned with their specific industry sector. The setup allows refinement from an established baseline that includes business impact scoring. This, in turn, enables measurement of how device-level and overall risk scores are affected when assets are reprioritised based on business importance. Risk Benchmarking, the second core capability, gives organisations the ability to compare their CPS risk environment against those of similar organisations. With these analytics, users can observe how protection measures for their most critical assets stack up against industry peers, and track the effectiveness of risk mitigation strategies across a range of risk factors and multiple network segments over time.
Yahoo
03-06-2025
- Business
- Yahoo
Infosight Inc. partners with Claroty® to Deliver Comprehensive OT Cybersecurity Solutions
MIAMI, June 3, 2025 /PRNewswire/ -- Infosight Inc., a premier provider of 24x7 OT/ICS MDR & Threat Monitoring, today announced a strategic partnership with Claroty, the cyber-physical systems (CPS) protection company. This collaboration delivers a fully integrated OT security solution designed to help critical infrastructure and industrial organizations proactively manage risk, ensure regulatory compliance, and protect operations from evolving cyber threats. Under this partnership, Infosight Inc. will incorporate Claroty's unified CPS platform into its service offerings, providing customers with: Complete Asset Visibility: Automated discovery and classification of all OT and IoT devices Risk‑Based Vulnerability Management: Prioritized remediation based on business impact Real‑Time 24x7 Threat Detection & Response: Continuous monitoring powered by Claroty's threat intelligence Secure Remote Access: Zero‑trust connectivity for third‑party vendors and internal teams Compliance Assurance: Simplified adherence to IEC 62443, NERC CIP, and other industry regulations "With OT environments under growing attack, organizations need full asset visibility, proactive vulnerability management, and a partner who understands both OT and cybersecurity," said Tom Garcia, CEO of Infosight Inc. "Our partnership with Claroty enables our SOC to deliver turnkey, end-to-end protection for your entire OT and IoT ecosystem." "Infosight's deep industrial expertise combined with Claroty's market‑leading platform creates a best‑in‑class offering for organizations looking to strengthen their cyber resilience," said Tim Mackie, Vice President of Worldwide Channel & Alliances at Claroty. "Together, we're helping industrial operators safeguard mission-critical infrastructure and maintain business continuity. The joint OT cybersecurity solution is available immediately. To learn more, visit or contact About Infosight Inc. Infosight Inc. delivers innovative industrial technology solutions that optimize operations, improve safety, and enhance cybersecurity. With expertise in automation, cloud integration, and managed services, Infosight helps organizations achieve operational excellence and resilience. Media Contacts Infosight Inc. | info@ +1-305-828-1003 Infosight Inc. | +1-305-250-1022 View original content to download multimedia: SOURCE InfoSight, Inc. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
