Honeywell released Nov. 2 its operational technology (OT) cybersecurity solutions to help users defend the availability, reliability and safety of their industrial control systems (ICS) and operations. These products include Advanced Monitoring and Incident Response (AMIR) dashboard software and updated Cyber App Control (CAC), which empower organizations with 24/7, intelligent threat detection across the expanding attack surfaces of their ICSs.
AMIR is built on Honeywell’s experience and knowledge in security, industrial automation and safety. It’s reported to increase the cybersecurity capabilities of security operation centers (SOC) to strengthen OT cybersecurity across the enterprise. AMIR also provides threat detection, security monitoring, alerting and incident response powered by security information and event management (SIEM) and security orchestration, automation and response (SOAR) capabilities, OT operational knowledge and best practices to improve cybersecurity. The service is vendor neutral, and supports Honeywell and non-Honeywell assets on ICS networks.
In addition, AMIR helps mitigate complex OT security incidents, threats and cyberattacks through incident response support provided by Honeywell security professionals. This information is provided via automated and immediate custom alerts, as well as routine trend reports. The addition of an enterprise 24/7 dashboard provides customers with increased visibility into incidents identified and active responses underway.
“AMIR helps fill a major security gap that many industrial customers currently face: the inability to monitor OT environments 24/7 and proactively detect and respond to evolving threats,” says Jeff Zindel, VP and GM at Honeywell OT Cybersecurity. “The addition of an AMIR dashboard offers customers enhanced visibility to know the status of identified incidents and the steps being taken by Honeywell OT cyber professionals to help respond to active threats.”
Previously known as Application Whitelisting, CAC is a vendor-agnostic cybersecurity solution suitable for Honeywell and non-Honeywell control systems. It provides an added layer of security that allows only known and trusted applications to run on ICS assets and increases a customer’s ability to prevent known malware and zero-day attacks on OT environments that often rely on more vulnerable legacy systems with challenging maintenance schedules. The impact of CAC on OT security is significant enough to be highly recommended by cybersecurity frameworks such as the National Institute of Standards and Technology (NIST).
CAC uses the latest software release from security specialist VMware Carbon Black, with special rules and configurations crafted specifically for OT environments, developed by Honeywell’s OT Cybersecurity Centers of Excellence and Innovation. The solution is deployed on-site by Honeywell’s experienced and certified OT cybersecurity engineers to ensure customer-specific needs are met.