International Cyber Expo International Cyber Expo
  • About Us
Tuesday, 14 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Armis Identifies Riskiest OT and ICS Devices across CNI

Heightened Risks for Manufacturing, Utilities and Transportation  

by The Gurus
June 13, 2023
in Press Releases
Armis: Top Performer in Asset Visibility and Real-Time Detection in MITRE Engenuity ATT&CK® Evaluations for Industrial Control Systems (ICS)
Share on FacebookShare on Twitter
Armis has released new research identifying the riskiest devices that pose threats to critical infrastructure industries: manufacturing, utilities and transportation. Data analysed from the Armis Asset Intelligence and Security Platform, which tracks over three billion assets, found that the operational technology (OT) and industrial control systems (ICS) devices that present the highest risk to these industries are engineering workstations, SCADA servers, automation servers, historians and programmable logic controllers (PLCs).
Prioritization and vulnerability management remains an issue
Armis research found that engineering workstations are the OT device that received the most attempts of attack in the industry in the past two months, followed by SCADA servers. Fifty-six percent of engineering workstations have at least one unpatched critical severity Common Vulnerabilities and Exposures (CVEs) and 16% are susceptible to at least one weaponised CVE, published more than 18 months ago.
Uninterruptible Power Supplies (UPS) are the third device type that suffered the most attack attempts in the past two months. Although critical for continuity in an event of power outage, data showed that 60% of UPS devices have at least one unpatched critical severity CVE, which, as showcased with TLStorm, could potentially lead criminals to cause physical damage to the device itself or other assets connected to it.
Programmable Logic Controllers (PLCs) are another example, with 41% having at least one unpatched critical severity CVE. These legacy devices are of high importance as if attacked could lead to the disruption of central operations, but the research highlighted they can be susceptible to high risk factors such as end of support hardware and end of support firmware.
A set of additional devices represent risk to manufacturing, transportation and utilities environments as they have at least one weaponised CVE published before January 2022: 85% of barcode readers, 32% of industrial managed switches, 28% of IP cameras and 10% of printers.
OT industries are characterised by having multiple locations, multiple lines of production and complex distribution lines with a vast amount of both managed and unmanaged devices on their networks. In that context, understanding where risk comes from and remediation is needed presents a significant challenge and can be an obstacle to vulnerability management, posing an entry point for malicious actors.
“In an ICS environment it’s pretty common to have vulnerable devices, so professionals need to see what assets are on their network and additional intelligence on what those devices are actually doing,” said Nadir Izrael CTO and Co-founder of Armis. “Contextual data will enable teams to define what risk each device poses to the OT environment so that they can prioritise remediation of critical and/or weaponised vulnerabilities to quickly reduce the attack surface.”
There is a need for collaboration between OT and IT teams
OT industries have significantly changed in the past years due to the convergence of OT and Information Technology (IT). This alignment is driving a new phase for the Industrial Era and will enable cross-domain collaboration but, in practice, unified management of both environments has yet to take place. With OT teams focused on maintaining industrial control systems, mitigating risks to OT and ensuring overall integrity within operational environments, more IT focused duties have been left aside.
Four out of the five riskiest devices notably run windows operating systems, showcasing how a basic understanding of asset risk and securing vulnerable assets is still a challenge for IT and OT teams.
Armis looked at device types and found that many are more exposed to malicious activity because they are using the SMBv.1 protocol, end of support operating systems and many open ports. SMBv.1 is a legacy, unencrypted and complicated protocol with vulnerabilities that have been targeted in the infamous Wannacry and NotPetya attacks. Security experts previously advised organisations to stop using it completely but the data shows it is still preeminent in the field.
“From an organisational perspective, having a risk-based approach to vulnerability management must go hand in hand with OT and IT departments working together to help coordinate mitigation efforts,” continued Izrael. “Cross-departmental projects will help streamline process and resource management and achieve greater compliance and data security. Overall, to navigate the challenges of the new industrial era, security professionals need an IT/OT convergence security solution that shields all assets connected to the network.”
The Armis Unified Asset Intelligence Platform discovers all connected assets, maps out the communications and relationships between them, and adds contextual intelligence to help understand their context and the risk they may introduce to the business. It is purpose-built to protect both OT and IT environments, and can ingest meaningful signals from hundreds of IT and OT platforms. Armis’ cloud-based threat detection engine uses machine learning and artificial intelligence to detect when a device is operating outside of its normal “known good” baseline and triggers an automated response for an easier management of the overall attack surface.
ShareTweet
Previous Post

Understanding Neurodiversity in the Workplace to Create a Better Workplace Environment for Everyone

Next Post

Art = Human + Machine

Recent News

Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

July 14, 2026
Lidl Confirms Data Breach After Third-Party IT Provider Hack

Lidl Confirms Data Breach After Third-Party IT Provider Hack

July 14, 2026
Black Duck Adds AI-Powered Triage and CRA-Ready Checks to Coverity Static Analysis

Black Duck Adds AI-Powered Triage and CRA-Ready Checks to Coverity Static Analysis

July 14, 2026
AI Appreciation Day: Celebrating Progress, Embracing Responsibility

AI has crossed from assistant to operator, Check Point research warns

July 14, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol