• Photo by Keith Larson
    “There’s a misnomer in the industry about the ongoing convergence of IT and OT; we’re essentially converged already.” Honeywell’s Paul Smith together with colleague Brandon Cho discussed the latest recommendations for ensuring network cybersecurity.

    Digital defense: The new playbook for cyber resilience

    June 11, 2025
    With cyber threats as the new normal, organizations need to be prepared to protect their assets

    As cyber threats proliferate at breakneck speed, organizations need to bolster their cybersecurity. “The threat landscape is ever growing and when a threat presents itself, it becomes easier to exploit,” said Paul Smith, director of engineering for cybersecurity at Honeywell during his tandem presentation with Brandon Cho, CISSP/CISM, director of OT cybersecurity at the Honeywell Users Group 2025 conference in San Antonio.

    In their presentation “Various Ways to Defend Against Cyber Attacks: Navigating the Security Tool Maze,” the two Honeywell cybersecurity experts painted a vivid picture of the complexities and vulnerabilities in today’s digital landscape.

    With the convergence of IT and OT domains, they say the right combination of tools, comprehensive threat detection and ongoing training can equip companies to stand firm against potential breaches. “There’s a misnomer in the industry about convergence,” Cho said. “We’re essentially converged,” adding that this means many companies’ control systems are running on non-proprietary technologies, making them susceptible to a wider array of threats.

    Challenges of tool selection

    There are an overwhelming number of available options for cybersecurity tools, which in turn can make it overwhelming for organizations to choose the right solutions. “The complexity increases, so the organization that is depending on cybersecurity tools often struggles to build an integrated system that provides advocacy across that security environment,” said Cho. “We have to test them; we cannot just go by the vendors’ marketing materials.” He encouraged attendees to take a hands-on approach, validating solutions through rigorous testing in their own environments rather than relying solely on promotional content.

    Smith added the importance of getting a holistic view of cybersecurity tools and the concept of layered defense as a critical cybersecurity strategy. “You have to integrate layers of control together across physical, technical and administrative means,” Cho added. The goal, he noted, is to create a comprehensive defense mechanism against multifaceted cyber threats.

    Incident response, proactive threat detection

    The panel was candid about the necessity of robust incident strategies, which extend beyond just technology. “Regular training is really important because we get into the place of buying our tools and then forgetting to use them,” Smith said, cautioning a common pitfall that companies can face, which is purchasing advanced cybersecurity solutions without adequately training staff to utilize them effectively.

    Red team/blue team engagement exercises can provide insights into existing gaps and the effectiveness of tools, Smith said. The ongoing need for training staff helps ensure employees are not only familiar with the tools employed but also understand how to effectively leverage them in their workflows.

    Proactive monitoring for threat detection is important. “You need to have something that’s looking at that, doing some user behavior analytics, all these tools,” Smith said. “There's a ton of tools that can actually put in place to see user behavior. If we have Bob coming into the facility, and Bob only ever touches three PLCs, and he’s been doing that for 10 years, what happens and are you running rules?” A proactive stance allows organizations to identify anomalies before they escalate into severe security incidents, he said.

    Cho added: “Have your vendors come in; have your vendors train your staff” to help foster a culture of continuous learning and preparedness.

    “I encourage you to reach out [to your vendors] and say, ‘What tools are generating alerts for my environment?’” Smith said. A proactive strategy can help companies understand their tools better and improve their overall cybersecurity posture.

    Implementing effective strategies

    Overall, Smith and Cho provided these strategies for upping OT cybersecurity defenses:

    • Adopt a systematic approach. Establish a clear framework for vendor selection, ensuring that tools are rigorously tested in a controlled environment before implementation.
    • Use layered defense. Integrate multiple layers of cybersecurity tools and practices to create a comprehensive defense mechanism against cyber threats.
    • Prioritize training and education. Regularly train staff in cybersecurity tools and best practices. Invest in continuous education to ensure teams are equipped to respond effectively to threats.
    • Foster vendor relationships. Maintain open lines of communication with vendors for ongoing support and optimization of cybersecurity tools.
    • Implement proactive monitoring. Install systems for active monitoring and threat detection to catch potential breaches before they escalate.
    About the Author

    Sharon Spielman | Machine Design

    As Machine Design’s technical editor, Sharon Spielman produces content for the brand’s focus audience—design and multidisciplinary engineers. Her beat includes 3D printing/CAD; mechanical and motion systems, with an emphasis on pneumatics and linear motion; automation; robotics; and CNC machining.

    Spielman has more than three decades of experience as a writer and editor for a range of B2B brands, including those that cover machine design; electrical design and manufacturing; interconnection technology; food and beverage manufacturing; process heating and cooling; finishing; and package converting.

    Email