Securing OT systems demands smart software, even smarter strategies
Consider the modern cyber-hacking bad guys. They are increasingly organized and strategic in their attacks. They evolve their tools and technologies to adapt to current conditions. They work out of hubs around the globe, particularly when they are backed by nation states. These guys are smart, persistent, goal-focused.
And in a strange way, the modern cyber-hacking outfit is similar to the Honeywell OT (Operational Technology) Cybersecurity Solutions team, which detailed its work during a media briefing titled “Navigating Operational Technology Cybersecurity Risk And Hardware-based Attacks” at the Honeywell Users Group (HUG) Americas conference this week in Orlando, Fla. In describing their efforts, the Honeywell pros displayed those same organizational traits—strategic approaches, based out of international headquarters, organized, smart, persistent and goal-focused.
Jeff Zindel, OT cybersecurity vice president and general manager for Honeywell Connected Enterprise, kicked off the session with a brief history of their focus in this space—how the cybersecurity team began in the Honeywell Process Solutions arm, but moved into Connected Enterprise to enable quicker decision-making capabilities (critical when combatting hackers) and to grow its ranks. Zindel beamed like a proud poppa when describing his team of 400 of “the best OT cybersecurity professionals” that holds, to date, some two dozen cybersecurity patents.
A particular point of pride is the company’s network of Centers of Excellence dotted around the globe—Atlanta, Dubai, Singapore. “We use these hubs to develop new solutions, train customers, train employees,” said Zindel, adding how they simulate attacks on actual control systems at these centers to practice defense tactics in real-world environments.
Bringing the fight to cyberthreats
The audience for these solutions is growing. Shrunken, overworked, overwhelmed staffs among Honeywell customers are increasingly attracted to outsourcing their security efforts, particularly to teams (like this one) with deep expertise. The COVID-prompted shift to remote work has boosted the need for on-demand access to offsite assistance. As Zindel has discovered, making these security demands easier for customers has enabled them to keep happier, more committed workforces of their own. “We’re a cybersecurity solution provider,” summarized Zindel. “We can help them do it. We can do it for them. Or they can purchase our products and do it themselves.”
Fellow briefing presenter Paul Griswold, senior director and chief product officer for Honeywell’s OT Cybersecurity team, then addressed prominent emerging challenges in this space, such as USB threats to industrial environments, which oftentimes still rely on that aging approach to manage and patch their systems. It’s also an attractive way for cyber-baddies to infect systems, and an area of focus for the Honeywell team with its Secure Media Exchange (SMX) solution to enable better visibility and management of USB devices, activity and content across the organization, including remote assets.
In a world where there are always emerging threats, the duo predicts an increase in malware attacks on control systems. Ransomware incidents will rise. The need to harden the broader process-control network will become more evident. File transfers will continue to be vulnerabilities within manufacturing environments, as will the ever-problematic human being; social-engineering tricks and simple mistakes will forever bedevil organizations, to the consternation of security pros and the delight of those trying to outwit them.
Hackers aren’t going anywhere. Cyberthreats will only grow more persistent, more complex, more intelligent in our increasingly connected industrial world. Zindel, Griswold and their Honeywell army of 400 professionals are evolving right alongside them.
The editors of Control, Control Design and Smart Industry are reporting live from 2022 Honeywell Users Group in Orlando, Florida, to bring you the latest news and insights from the event. When the event comes to a close, the best, most important coverage will be compiled into a report by the editors.
Register now to pre-order the report and be among the first to receive it in your inbox.