Tenable Launches One for OT/IoT, Offers Visibility to IT, OT, and IoT

Tenable has unveiled One for OT/IoT, marking the debut of the exposure management platform offering comprehensive visibility into assets across both IT and operational technology (OT) environments.

As technology continues to advance, physical assets such as HVAC systems in data centers, badge readers in office buildings, and cameras on manufacturing floors are now integrated with IT, creating a larger cyber attack surface. The interconnectivity of IT, OT, and IoT assets has led to an increase in cyber attacks that originate in IT systems and spread into OT environments, which can result in significant consequences.

Chief Information Security Officers (CISOs) are responsible for securing both OT and IoT environments, and they are accountable for their protection. With the growing complexity of cyber threats, CISOs must evaluate and prioritize the risks associated with all of these assets, implement appropriate security measures, and ensure compliance with relevant regulations and industry standards. They must also collaborate with other departments and stakeholders to develop comprehensive security strategies that cover the entire organization.

One for OT/IoT expands visibility beyond IT to encompass OT and IoT, assisting security leaders in obtaining a comprehensive understanding of actual exposure across their entire attack surface. This pioneering approach enables organizations to prioritize security risks wherever they exist, whether in the cloud, data center, or the OT environment. Most importantly, it facilitates an understanding of how these risks generate attack pathways across their infrastructure.

Users can also assess their worldwide exposure, encompassing OT assets, to evaluate their security stance relative to other companies in their industry. They can also glean further insights from their OT assets, enabling them to make more informed decisions swiftly.

The Tenable One platform integrates the most extensive vulnerability coverage across IT assets, cloud resources, containers, web applications, identity systems, OT, and IoT assets. Leveraging Tenable Research's extensive threat intelligence, regulatory compliance insights, and vulnerability expertise, it incorporates data analytics to prioritize actions and mitigate cyber risks effectively, enabling:

• Extensive visibility extends beyond the IT environment to encompass the contemporary attack surface.
• Risk intelligence for mitigating operational risks
• Effective planning and decision-making with actionable insights across enterprise and critical infrastructure environments.

“On a daily basis we witness threat actors finding creative ways to disrupt businesses through non-traditional paths. Risk doesn’t end at IT. For those that rely on physical computing technology, OT and IoT often power their most business-critical activities. Any disruption is extremely damaging and often results in an inability to function,” explained Amir Hirsh, SVP and general manager of OT Security, Tenable. “We understand that OT environments require a different approach from IT and we’ve designed our security solution so teams no longer have to choose between cybersecurity or productivity. They can have both.”

During a recent U.S. Congressional hearing, high-ranking officials from various security agencies, such as the Cyber and Infrastructure Security Agency (CISA), the FBI, the Office of the National Cyber Director (ONCD), and the National Security Agency (NSA), sounded the alarm on the increasing threat to OT (operational technology) systems posed by nation-state actors.

These officials confirmed that Chinese hacking campaigns are actively targeting critical services such as U.S. electricity systems, water utilities, and military organizations. The officials also revealed that the Volt Typhoon, a threat actor sponsored by the People's Republic of China, has already established a foothold on U.S. IT networks. The Volt Typhoon is now poised to move laterally to OT assets and disrupt critical functions. An international advisory has since confirmed these findings.

The Tenable One for OT/IoT license encompasses not only Tenable One but also includes a companion license for Tenable OT Security and Tenable Security Center.