State of XIoT Security

Team82’s analysis of vulnerabilities impacting cyber-physical systems across the Extended Internet of Things—1H 2022

After more than 20 years of connecting things to the internet, we’ve reached a critical mass where the food we eat, water we drink, elevators we ride, and the oil and gas that warms our homes rely on computer code. Today’s cyber-physical systems are directly linked to outcomes in the physical world, and despite the advances in technology that allow us to bring new efficiencies to these services, cybersecurity continues to lag.

That’s why we’ve revamped our biannual report to embrace an understanding of the vulnerabilities being disclosed and fixed within the Extended Internet of Things (XIoT), the umbrella term for connected cyberphysical devices within industrial (industrial control systems and operational technology), healthcare (connected medical devices), and commercial environments (building management systems and enterprise IoT).

In order to properly assess risk within these critical sectors, decision makers must have a complete snapshot of the vulnerability landscape and thus prioritize and mitigate (or remediate) mission-critical systems before they impact public safety, patient health, smart grids and utilities, and more.

The State of XIoT Security report is Claroty’s contextual analysis of cyber-physical security. The data presented in this edition of the report covers the first six months of 2022, and sheds light on the key trends and recommended actions you can apply within your enterprise.

Security managers, asset owners and operators, and IT analysts newly tasked with securing operational technology, IoT, connected medical devices, and building automation for example, are urged to share and use this report as a resource. The State of XIoT Security report presents not only vulnerability data, but also the necessary context around these critical issues in order to assess risk and prioritize remediation.