What's so fortunate about a time when cybersecurity intrusions and attacks are multiplying daily in number and severity? Well, the good news is that many users, system integrators and suppliers in the process control and automation field are shaking off their former fear and paralysis, and ramping up their awareness and responses to cybersecurity threats.
"This is a lucky time because we're witnessing a pivotal moment in cybersecurity," said Eric Knapp, global director of cybersecurity solutions and technology at Honeywell Process Solutions. "Weapons-grade exploits were recently released into the wild, but it's an encouraging time, too, because we've come a long way on cybersecurity," said Knapp in his keynote address to attendees of the Honeywell Users Group Americas conference this week in San Antonio, Texas.
Cloud and ATIX aid security
Air gaps and other barrier methods between plant-floor equipment/applications and enterprise/business-level systems have long been relied on by process engineers in the hopes that they'd prevent cyber probes and potential attacks. However, multiplying ports, network connections and other often-undocumented access points usually render such barriers ineffective, so network traffic evaluation tools are becoming more crucial for effective security, and Knapp reported this is where that data-processing power of cloud-computing can really lend a hand.
"We must get across the air gap, and we need to embrace the cloud to do it," said Knapp. "Cyber attackers already know how to cross air gaps, and if we don't do it, then we're limiting our ability to respond to cyber threats and attacks. It just takes a little courage from us, and Honeywell Process Solutions (HPS) can help."
To help users with their cybersecurity efforts, HPS recently introduced its Advanced Threat Intelligence Exchange (ATIX), which Knapps reported is the world's first industrial threat intelligence and detection cloud. It consists of securely networked detection engines, master threat registry, reporting functions, machine learning analytics, third-party threat intelligence features and other tools.
"ATIX will help users employ heuristics, sandbox technologies and other tools to detect threats, zero-day exploits and other problems, which all benefit from the cloud's computing capabilities," added Knapp. "The cloud can enhance data centers and Honeywell products. The air gap is no longer an effective defense, but the cloud can be."
[sidebar id =1]
In a cybersecurity media briefing later on June 20, Knapp and Jeff Zindel, vice president and general manager for cybersecurity at HPS, reported on several other Honeywell solutions and initiatives to make cybersecurity more effective and easier for users to employ. They include:
- The acquisition of NextNine, provider of secure connectivity solutions, announced on June 12. This almost 20-year-old firm also produces cybersecurity monitoring and management software that is deployed at 6,200 sites worldwide. NextNine's solutions deliver outbound-only connections to its Managed Security Service Center (MSSC), authenticated remote access, automated security software updates, and performance and security monitoring.
- Singapore Cyber Security Lab and Center of Excellence (SoC), opening by the end of 2017. Following the recent openings of similar Honeywell cybersecurity SoCs in Atlanta and Dubai, this facility will enable sharing, testing and deployment of cybersecurity solutions, and offer red/blue team training on managed security services.
- Secure Media Exchange (SMX), which reduces cybersecurity risk and operational disruption by monitoring, protecting and logging use of removable media such as USB drives.
- Enterprise Risk Manager, which provides cross-plant, cyber-risk visibility across all site-specific implementations of the Honeywell Risk Manager solution.
"We're the leading cybersecurity services, technology and support organization focusing on industrial and critical infrastructure protection," said Zindel. "We have 150 professionals on our team, plus consultants and other partners. We offer industrial cybersecurity solutions in four major areas, including industrial security consulting, managed security services, integrated security technology and cybersecurity software. All of these help users monitor their applications, and identify security vulnerabilities and threats.
"However, the industrial cybersecurity we provide isn't just for Honeywell technologies,” Zindel added. “We're helping our customers be more proactive about managing their cybersecurity risk regardless of which PLC or DCS they're using."