“You are buying an outcome not a solution.” Honeywell’s Jazeem Mohammed discussed the company’s outcome-based approach to advancing the OT cybersecurity of its industrial clients.

Can you measure the outcome of your cybersecurity investments?

June 11, 2024
Honeywell’s Jazeem Mohammed discussed the company’s outcome-based approach to advancing the OT cybersecurity of its industrial clients

When it comes to cybersecurity measures, return on investment has always been difficult to calculate. As with other forms of risk reduction, how much is enough? And if the feared disaster doesn’t materialize, does that mean you spent the right amount? Too much? Or too little and you just got lucky?

In the case of ensuring the cybersecurity of industrial OT environments, Honeywell Process Solutions has developed a better way based on its more than three decades experience helping to secure the assets of some 10,000 customers, according to Jazeem Mohammed, global industrial cybersecurity director for the leader in industrial automation systems for critical infrastructure.  

The traditional method of cybersecurity investment starts with a transactional, customer-defined initiative that may or may not accomplish an organization’s true goals. “It’s an outdated execution model after which the value of the service provided is not visible, and the customer retains full responsibility for risk management,” Mohammed explained in a presentation at this week’s Honeywell Users Group (HUG) meeting in Madrid.

In contrast, outcome-based services are strategic agreements that both parties agree to. Cybersecurity is treated as an ongoing pursuit; the client pays for intelligent results; and the two parties partner to develop shared roadmaps for the future. “You are buying an outcome not a solution,” he said. And by an outcome, he meant that technologists in the OT realm have had sufficient time to develop standards and regulations that describe the qualities of cybersecure systems.

“And compliance with the standards relevant to your organization is a key outcome that we can help you achieve,” he said. Beyond compliance with industry standards, quantifiable outcomes that can also be addressed include risk reduction, operational safety, workforce development, resilience and business continuity.

The program is modelled on one that the company developed a dozen years ago to work with industrial clients to deliver specific outcomes for users of its Experion PKS control systems. A key difference is that in the case of OT cybersecurity, nearly every plant and every company is already on a journey and may have an array of non-Honeywell systems in place. “It’s not about changing your platform, but how can we help you continue the journey you’re already on,” Mohammed said.

Honeywell’s methodology begins with gaining a better understanding of where a client currently stands on a cybersecurity maturity index, then mapping a journey forward to an agreed upon state, often compliance with relevant industry standards. A range of quantitative key performance and key risk indicators (KPIs and KRIs) create a “posture score,” documenting progress along the way.

“The program will give clear visibility on the investment required to improve cyber outcomes in a timely manner,” Mohammed said. “We look at the outcome; we focus on where you are now, and a vision of where you want to go.”

About the Author

Keith Larson | Group Publisher

Keith Larson is group publisher responsible for Endeavor Business Media's Industrial Processing group, including Automation World, Chemical Processing, Control, Control Design, Food Processing, Pharma Manufacturing, Plastics Machinery & Manufacturing, Processing and The Journal.

Sponsored Recommendations

Measurement instrumentation for improving hydrogen storage and transport

Hydrogen provides a decarbonization opportunity. Learn more about maximizing the potential of hydrogen.

Get Hands-On Training in Emerson's Interactive Plant Environment

Enhance the training experience and increase retention by training hands-on in Emerson's Interactive Plant Environment. Build skills here so you have them where and when it matters...

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.