CATCH hosted their Cyber Security (Operational Technologies) Network on Wednesday 11 June with over 20 delegates in person and via Teams. The focus of the session was a presentation with Elliot Gidley from Claroty on the topic of vulnerability and risk management.

By seeking to improve operational efficiency to drive profits, management boards are exposing more risk to the business through allowing greater connectivity to systems from, for example, vendors. Bad operators can then exploit these potential weakness with the aim to ransom the business to fund criminal activity.

Digitalisation is driving innovation through automation and robotics, digital twins, 5G networks and edge computing. Potential back doors are being opened up across these areas. Critical infrastructure is governed by regulations and frameworks to control and manage this risk.

Currently 69% of OT organisations typically pay ransoms ($1.1B in 2023) compared to 24% for IT environments. OT victims can present serious safety and other implications from being offline/out of production so paying the fine can be the lowest risk option.

Elliot gave an overview of a recent survey looking at OT Exposure and the Global State of CPS Security in 2025. Findings showed that 12% of researched organisations have OT assets communication with malicious domains, through eg. KEVs & insecure internet connections. Elliot highlighted how to prioritise remediation through a focus on known exploited vulnerabilities, ransomware links and insecure internet connections. The group discussed the risks exposed to sites by some vendors and how clients can work together with vendors to improve security.

Elliot demonstrated how Claroty can help manage exposure through business impact assessment. It is important to create a priority list of vulnerabilities for operational technologies to focus time and resources. Elliot took many questions and after a coffee break ran through a demonstration of the Claroty xDome dashboard and functionality.

The next meeting of the Cyber Security Network will be hosted at Tronox on Wednesday 15 October. For more information about CATCH Networks please contact katie.hedges@catchuk.org.