Radiflow has earned industry-wide acclaim for its unique, fully IEC62443-compliant Cyber Industrial Automated Risk Analysis Platform (CIARA), which enables CISOs to optimize their cybersecurity expenditure by non-intrusively simulating breach attempts in industrial automation networks and prioritizing the most effective mitigation measures.
The new version of CIARA allows users to further customize their cybersecurity optimization with additional operational and budgetary criteria, in line with Radiflow’s consistent vision of “Taking the guesswork out of OT cybersecurity.”
Radiflow CEO Ilan Barda announces the new features: “CIARA was accepted in the market with great enthusiasm as the first-of-its-kind OT BAS solution (breach attack simulation). Since its release, we have witnessed increasing demand for risk prioritization in the dynamic OT/ICS threat landscape. Our new version addresses the critical need for data-driven decision-making. We are proud to empower CISOs to build the best budget-driven mitigation plan.”
With the new version, CIARA users can:
Customize their OT-security optimization: Users can now select between different criteria to balance between security, compliance, and budget. CIARA prioritizes the security requirements for mitigation measures (SRs) that match the chosen criterion, toward maximizing their cybersecurity ROI. Current optimization criteria include among others:
- Zone impact: What’s the financial impact of a disruption in that zone?
- Tolerable risk: Which zone has the lowest tolerable risk (as defined by the user)?
- Compliance gap: Which zones have the highest discrepancy between actual security measures and those prescribed in the IEC62443 standard?
Include new supply chain threats in attack simulations: Supply chain attacks, such as the SolarWinds breach, exploit vulnerabilities in vendors’ networks. In addition to the fundamental requirement control groups in IEC62443, CIARA users can now add a security control group for Supply Chain attacks (NIST 800-161) which will include such attack tactics in CIARA’s breach simulations and prioritize the effectiveness of relevant mitigation measures.
Budget and Plan:
CIARA’s new OT security project planner automatically generates a complete quarterly mitigation plan based on the user’s optimization preferences, which balances the estimated cost of mitigation controls vis-à-vis quarterly budget constraints.