OT Risk Management

CIARA: Industrial Risk Assessment & Management Platform

Designed to empower CISOs to increase the effectiveness of their risk-mitigation measures, while optimizing cybersecurity expenditure



Threat-intelligence-based Breach & Attack Simulations


Per-zone key indicators for Risk, Threat & Control levels


ROI-optimized mitigation plan based on user preferences & budget


Quarterly hardening plan implementation planner


Customizable reports for risk posture and compliance auditing


Fully IEC 62443-compliant for ZCRs & zone FRs

Radiflow’s OT Risk Management Provides Full Visibility into your Risk Posture and Threat Landscape

Radiflow CIARA is the first-of-its-kind ROI-driven risk assessment & management platform for industrial organizations.

CIARA employs a threat intelligence-driven breach & attack simulation (OT-BAS) engine for assessing risk. Radiflow’s OT-BAS algorithm calculates the per-zone likelihood of attacks and the effectiveness of corresponding risk-mitigation measures (both installed and proposed), and accounts for the impact of attacks on different business processes. This is done using thousands of data points for network, asset, locale, industry, adversary capabilities and attack tactics.

The outcomes of CIARA’s simulations are key indicators for risk, threat and control levels; a variety of OT- security reports; and a comprehensive hardening plan (fully ISA/IEC 62443-compliant), prioritized by each mitigation control’s contribution to achieiving the user’s risk management goals.

Serving as a stakeholder decision-support tool, CIARA empowers ICS CISOs and owners to optimize their OT- security expenditure and ensure the effectiveness of threat-mitigation controls.


CIARA uses geo-location, among many other factors, to calculate risk, threat and control levels



ROI-Based Risk Management

CIARA’s unique breach & attack simulation algorithm combines the likelihood of successful attacks (based on the industrial network’s unique characteristics as well as threat intelligence data) with their quantitative real-world impact (e.g. monetary loss or non-compliance) to assess the risk introduced by different zones. Based on this analysis, CIARA produces a prioritized list of cybersecurity controls based on their contribution to achieving the user’s security goals.

By following CIARA’s mitigation roadmap, users are able to divert expenditure from mitigations which marginally reduce risk (given the actual threats the network faces) to those that produce the most cybersecurity ROI.

CIARA’s risk-mitigation planner helps CISOs and stakeholders schedule the installation of controls over time to meet budgetary constraints. CIARA’s implementation dashboard simplifies status reporting and presentation to stakeholders.



CIARA’s threat mapping, based on its breach & attack simulation results


Automated, Data-Driven Risk Assessment

The complexity and the scale of modern, industry 4.0 ICS networks render risk evaluation by traditional risk assessment procedures practically impossible. You simply can no longer “eyeball” risk. Moreover, as networks’ devices change, and with the rapidly-changing threat landscape, ad-hoc or annual risk reviews are no longer sufficient.

CIARA’s OT-BAS (breach & attack simulation) engine simulates hundreds of commonly-used security controls against relevant known threats, factored against common OT risk scenarios (loss of availability, loss of control, damage to property, etc). This is done using a broad range of data sources:

  • The iSID-generated Digital image of the OT network
  • Vulnerability management: mapping CVSS/CVEs
  • Virtual penetration testing (based on MITRE-ICS simulations & Radiflow Lab research)
  • User and system behaviour analysis
  • Historical data on previous incident scoring
  • Adversary threat intelligence (including MITRE ATT&CK™)
  • Change management detection

CIARA was designed to enable managed security services providers (OT-MSSPs) to offer their industrial (ICS) users ROI-driven risk assessment and management services (in tandem with Radiflow’s award-winning iSID Industrial Threat Detection Platform.


CIARA’s threat mapping, based on its breach & attack simulation results



Fully IEC 62443-Compliant Management Process

Compliant with the ISA/IEC 62443 standard, CIARA helps customers that are new to OT Cybersecurity to achieve compliance and optimize their cybersecurity expenditure. CIARA’s risk assessment & mitigation planning process utilizes ZCRs (zone & conduit requirements) as specified in the standard:

Step 1 (ZCR #1): Learning the network

Network information is obtained from a digital twin (model) of the network produced by Radiflow iSID, culminating in a full network visibility report displaying all assets, protocols, and links.

Step 2 (ZCR #2-4): Network definition & Initial Risk analysis

Zones (operational units) and Conduits (between zones) are defined and each is assigned a monetary impact or HSE value; Industry & geo-location characteristics are used to assess the relevance of adversaries (using the MITRE ATT&CK database); Attack scenarios are simulated. The result is a complete Zone and Target Security Level (SL-T) listing, which users can adjust based on their preferenes.

Step 3 (ZCR #5): Analysis of each zone’s Foundational & Security requirements

CIARA compares between each zone’s current and required security level, and presents the user with a variety of security reports as well as a complete network hardening roadmap , which prioritizes mitigation controls by their contribution to achieving the user’s network security & management objectives.

Step 4 (ZCR #6-7): Finalizing mitigation plan and applying security controls

Upon implementation of each prescribed Control measure, CIARA will re-calculate the network’s overall risk score as well as the security position of each zone.


Part of Radiflow’s full-stack industrial cybersecurity solution

CIARA is part of Radiflow’s innovative solution suite for industrial organizations. Designed for industrial organizations of all sizes, CIARA is an integral part of Radiflow’s multi-tier OT detection & prevention toolset, which includes the award-winning iSID industrial threat detection platform, the iSAP low-bandwidth smart collector for distributed networks, and the iCEN central multi-site management tool for corporate or OT-MSSP SOCs.

Request Demo Contact Us
Skip to content