August 1, 2017 : Addition of Nextnine further strengthens Honeywell’s leadership in industrial
Honeywell (NYSE: HON) announced today that it has completed its acquisition of Nextnine Ltd., which was announced on June 13, 2017. Nextnine is a privately held, leading provider of industrial cyber security solutions. The business will be integrated into Honeywell’s Industrial Cyber Security group and will significantly strengthen Honeywell’s capability to offer multi-vendor, multi-site secure remote access, monitoring and support to protect industrial control systems and critical infrastructure against a growing threat of cyber attacks.

Read More

June 12, 2017 : Honeywell to Acquire Industrial Cyber Security Software Leader Nextnine
Honeywell (NYSE: HON) announced today that it has signed a definitive agreement to purchase Nextnine, a privately held provider of security management solutions and technologies for industrial cyber security. The addition of Nextnine’s industry-leading security solutions and secure remote service capabilities will enhance the Company’s existing range of innovative cyber security technologies and significantly increase Honeywell’s Connected Plant cyber security customer base.

Read More

June 8, 2017 : Honeywell Invests in Cyber Security Innovation Center in Asia Pacific
Honeywell (NYSE: HON) Process Solutions (HPS), with the support of the Singapore Economic Development Board (EDB), will establish a new industrial cyber security center of excellence (COE) for Asia Pacific in Singapore.The COE will feature a state-of-the-art cyber security research and development lab, an advanced training facility and a security operations center that provides managed security services.

Read More

April 4, 2017 : Honeywell Launches New Industrial Cyber Security Solution to Enable Secure Use of USB Devices
Honeywell (NYSE: HON) Process Solutions (HPS) today announced a new solution for industrial sites as they balance productivity and cyber security demands. Honeywell’s new Secure Media Exchange (SMX) protects facilities against current and emerging USB-borne threats, without the need for complex procedures or restrictions that impact operations or industrial personnel.

Read More

February 23, 2016 : Honeywell and Palo Alto Networks Team up to Protect Industrial Control Systems from Cyber Attacks
Honeywell Process Solutions and Palo Alto Networks®, the next-generation security company, today announced they will collaborate to boost the cyber security capabilities of control systems used by industrial facilities and critical infrastructure. This next-generation offering enhances Honeywell’s comprehensive portfolio of cyber security solutions including its Industrial Cyber Security Risk Manager platform.

Read More

June 24, 2015 : Honeywell and Intel Security Team to Secure Critical Infrastructure and Industrial Internet of Things
Honeywell Process Solutions and Intel Security today announced they will collaborate to bolster protection of critical industrial infrastructure and the Industrial Internet of Things (IIoT). Intel Security's McAfee® technologies will be integrated with Honeywell's Industrial Cyber Security Solutions, providing Honeywell customers with enhanced security software to protect their control systems from malware and misuse.

Read More

April 21, 2015 : Honeywell Technology First to Proactively Manage Cyber Security Risk for Industrial Sites
Honeywell Process Solutions today launched the first digital dashboard designed to proactively monitor, measure and manage cyber security risk for control systems for refineries, power plants and other automated production sites throughout the world that are at increasing risk of cyber attacks.

Read More

March 31, 2015 : Honeywell Expands Cyber Security Development Capabilities with new Research Lab
Honeywell Process Solutions announced the opening of the Honeywell Industrial Cyber Security Lab to advance its development and testing of new technologies and software to defend industrial facilities and operations such as refineries and manufacturing plants from cyber attacks.

Read More

November 11, 2014 : Honeywell survey uncovers 3 in 4 adults are fearful that cyber attacks could damage their country’s economy
A recent survey conducted by Ipsos Public Affairs Research uncovered that 36 per cent of respondents believed that it isn’t possible to stop all cyber attacks. A further similar amount reported they didn’t have faith in their country’s ability to keep up with cyber attacks because they felt governments and organisations are not taking these attacks seriously enough.

Read More

July 2, 2014 : Honeywell provides improved cyber security for QAFAC
Honeywell’s integrated control and safety solution, including a new fire and gas system, will improve automation at the plant and increase cyber security at Qatar Fuel Additives Company’s Mesaieed Industrial City plant, 50 kilometers south of Doha.

Read More

April 18, 2013 : Japanese industrial giant selects Honeywell cyber security solutions
One of Japan’s largest refining and petrochemical companies, Idemitsu Kosan, is modernizing its control systems at its Tokuyama Refining and Petrochemical Complex in western Japan. The site, which supplies energy and chemical raw materials, will deploy Experion® Process Knowledge System, Abnormal Situations Management, alarm management, and cyber-security solutions.

Read More

Honeywell Migration Solutions Help Saudi Electricity Company Revitalize Control System and Address Cyber Threats
The project was delivered with the latest hardware and software platforms and yielded higher reliability, enhanced performance and improved safety with the cyber security implementation.

View Case Study

U.S. Power Company works with Honeywell to perform a SCADA cyber security vulnerability assessment
Honeywell's cyber security assessment services helped a US power company to assess existing cyber security risks, abide by corporate standard of audit and review, and prioritize the tasks they needed to execute.

View Case Study

Cyber security vulnerability assessment reduces risks to gas pipeline operation
As a result of Honeywell’s cyber security vulnerability assessment solution, a natural gas pipeline company was able to empirically identify and quantify all of the steps required to improve the security and reliability of its natural gas distribution pipeline network, and therefore increase the uptime and availability of its system.

View Case Study

Honeywell helps Canadian power company design secure network for industrial environment
A Canadian power company was embarking on an environmental monitoring project at a coal-fired generation facility that involved the bridging of two control systems with their business network. The company required an expert consulting firm to address their security and integration issues. Honeywell advised the power company to design a multi-layered defense-in-depth network.

View Case Study

September 2016
13-15 Sep Industrial Control Systems Joint Working Group (ICSJWG) Florida, USA Learn more about the event
26-28 Sep 3rd Annual Industrial Control Cyber Security Europe London, UK

Session: What we should be doing differently as an industry
By Eric Knapp, Global Director of Cyber Security Solutions and Chief Cyber Security Engineer, Honeywell Process Solutions 9:10 am - 9:40 am on Sep 28,
Learn more about this session here.

Session: Converting cyber attacks into successful cyber-physical attacks
By Marina Krotofil, Cyber Security Researcher, Honeywell Industrial Cyber Security
9:40 am - 10:10 am on Sep 28
Learn more about this session here.
Learn more about the event
27-28 Sep IMI Congress & Exhibition for Industrial Cyber Security Frankenthal, Germany

Session: Individual protection measures for industrial cyber security
By Konstantin Rogalas, Business Leader for Europe, Honeywell Industrial Cyber Security
Afternoon of Sep 27
Learn more about the event
29 Sep EXERA Cybersecurity of Industrial Systems Paris France

Session: Defining the right level of protection and keeping situational awareness
By Konstantin Rogalas, Business Leader for Europe, Honeywell Industrial Cyber Security
14:30 on Sep 29
Learn more about the event
OCTOBER 2016
24-27 October Honeywell Users Group EMEA Click Here to Know More

Science Fiction Becomes Reality
Instead of continuously reacting to the onslaught of security incidents, battle-tested security professionals continue to stress the importance of building a solid security program. Read this eBook to discover how you can stay ahead of advanced cyber threats and reduce risks for your plant(s).

Read eBook

The Essential Guide to Industrial Cyber Security
Cyber security is an acknowledged and growing threat to the operational integrity of process manufacturing and other critical infrastructure sectors. To combat this fast growing threat it is important to make a conscious change from reactive to proactive measures. Here’s a roadmap to help organizations evolve from reactive to preventive, proactive strategies for risk management.

Read eBook

The Four-Step Guide to Understanding Cyber Risk
It is estimated that cyber risks costs the global economy up to $400 billion a year— maybe even more. For industrial control systems (ICSs) however, the risks are even more acute. Understand vulnerabilities. Identifying threats. Measuring consequences. Bringing it all together and measure risk. This four-step guide will help you identifying cyber risks and addressing the cyber security gap.

Read eBook

Mitigating cyber security risks in legacy process control systems
Legacy control systems are more vulnerable to attacks than contemporary systems. Read this white paper to learn more about techniques for protecting legacy systems, the problems surrounding these techniques, and new methods for analyzing security.

Read White Paper

Staying ahead of today's cyber threats
The increasing number of cyber security threats requires evolving approaches and tools to combat potential attacks. Read this whitepaper to learn how application whitelisting can be used to combat viruses and malware.

Read White Paper

Application Whitelisting 101
Application Whitelisting is an effective tool for enhancing your "Defense in Depth" security strategy. With increasing numbers of attempted intrusions, cautionary tales of security breaches and the potential for resulting damages at your site, Application Whitelisting can be an important addition to your security arsenal.

Read White Paper

Effective use of assessments for cyber security risk mitigation
This paper covers how cyber security assessments can be effectively used for risk mitigation and how they relate to the overall cycle of securing critical infrastructure.

Read White Paper

Cyber security regulations: Pipe dream or reality?
This whitepaper recommends that pipeline operators shift from reactive to proactive and begin the process of adopting a long-term cyber security strategy before regulations become mandated.

Read White Paper

Securing Industrial Process against USB-Borne Threats
Since discovery of the Stuxnet computer virus, industrial organizations have struggled with finding secure ways to use and monitor removable media.​ Take a look at some interesting stats from the process industry and how to protect against USB-borne threats​.

Download PDF

Industrial cyber security risk is on the rise, and reducing it is critical to a company's operational and production goals. Honeywell Industrial Cyber Security Risk Manager can help companies effectively migrate and rapidly respond to cyber vulnerabilities and threats.

Download PDF

Industrial Cyber Security: Perception vs. Reality.
Usher in Cyber Security Awareness Month with knowledge to fight cyber threats this October. Take a look at intriguing findings from a study that compares leading industry threat research with our own firsthand observations gleaned from hundreds of cyber security engagements worldwide.

Download PDF


Discover USB threat protection, designed for industry: New Secure Media Exchange (SMX)

Speaker: Seth Carpenter, Cyber Security Technologist at HPS
Date: June 14, 2017
Duration: 60 Minutes

Since discovery of the Stuxnet computer virus, industrial organizations have struggled with finding secure ways to use and monitor removable media. Join our on demand webinar to know more about how Secure Media Exchange (SMX) reduces cyber security risk and limits operational disruptions by monitoring, protecting, and logging use of removable media throughout industrial facilities.

Watch the on-demand webinar

Proactively Monitor, Measure and Manage Industrial Cyber Security Risk with Risk Manager

Speaker: Sheila Fortinberry, Senior Global Cyber Security Marketing Manager,
Mike Baldi, Cyber Security Solutions Architect at HPS
Date: May 5, 2015

Duration: 46 Minutes
During this webinar, learn how Risk Manager 1) Allows users to prioritize and focus efforts on managing risks that are most important for reliable plant operations, through the easy-to-use interface. 2) Monitors risk continuously, in real-time. 3) Translates complex indicators of vulnerabilities and threats into metrics that can be used by control engineers and operators without cyber security experience.

Watch the on-demand webinar

Continuous Security Monitoring for Control Systems – Best Practices

Speaker: Mark Littlejohn
Date: February 18, 2015

Duration: 26 Minutes
Join Mark Littlejohn in this webinar to gain a better understanding of why continuous monitoring is widely accepted as an integral and essential best practice for managing risk and improving the cyber security posture in industrial environments.

Watch the on-demand webinar

Managed Industrial Cyber Security Services

Speaker: Eric Knapp, Director of Cyber Security Solutions and Technology, Honeywell Process Solutions
Date: August 26, 2014
Duration: 33 Minutes

Industrial Cyber Security is a challenge for many reasons:
• Industrial systems are difficult to patch
• Legacy devices inhibit the implementation of modern cyber security controls
• The shift from proprietary systems to open computing platforms has increased the exposure and vulnerability to cyber threats.

Perhaps the biggest challenge, however, is building the right staff to address these issues. Industrial cyber security professionals are a rare breed and the demand for their unique skill set continues to increase rapidly.

Listen to Eric Knapp in this on-demand webinar as he explores the pros and cons of using managed cyber security services to augment staff, and to make existing staff more productive and efficient through all stages of the cyber security lifecycle.

Watch the on-demand webinar

A
ACL Access Control List
AES Advanced Encryption Standard
AH Authentication Header
ARP Address Resolution Protocol
Active Attack Active attack is an assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system Source
Adversary An adversary is a malicious entity whose aim is to prevent the users of the computer system from achieving data privacy, system integrity and availability. Actual adversaries are known as attackers
Alert An alert is a communication about a known cyber security issue, typically with details of how to mitigate the issue

B
Badware See Malware
BERT Bit Error Test
BIND Berkeley Internet Name Domain
BIOS Basic Input/Output System
BSS Basic Service Set
Blacklist (Application Blacklisting) Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs. Such programs include not only those known to contain security threats or vulnerabilities but also those that are deemed inappropriate within a given organization. Blacklisting is the method used by most antivirus programs, intrusion prevention/detection systems and spam filters Source
Business Continuity Planning (BCP) BCP involves keeping all essential aspects of a business functioning despite significant disruptive events, of which disaster recovery planning (DRP) is a subset of it.

C
Canaries A Canary is an early test version of software, alluding to a Canary in a coal mine
CERT Computer Emergency Response Team, sometimes aka Computer Security Incident Response Team. These are organizations, in APAC they are usually government-linked agencies, responsible for maintaining vigilance on cyber security threats and the need for creating awareness of such. Formerly, before CERTs evolved to such focus today, they were expert groups that handle computer security incidents. At national level, CERTs differ from one country to another in terms of their portfolio. Certain countries' CERTs are legislated with enforcement authority while others just at advisory functions.
Computer Network Defense Analysis Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats Source
CISO Chief Information Security Officer
Critical infrastructure Critical infrastructure are the assets, systems, and networks, whether physical or virtual, so vital to a country or company that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof. Source

D
DCS Distributed Control System. For Honeywell DCS offerings, please click here
Denial of Service (attack) A denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users. A DoS attack generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a server host serving mutliple users connected in a network.

Perpetrators of DoS attacks typically target sites or services hosted on mission-critical servers, including DCS/SCADA systems, or high-profile web servers such as banks, credit card payment gateways, and even root name servers.

DHCP Dynamic Host Configuration Protocol
DMZ Demilitarized Zone
DNS Domain Name System
Disaster Recovery Planning (DRP) Disaster Recovery Planning involves a set of policies and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. Disaster recovery focuses on the IT or technology systems supporting critical business functions, as opposed to business continuity, which involves keeping all essential aspects of a business functioning despite significant disruptive events. Disaster recovery is therefore a subset of business continuity planning (BCP).

E
EAP Extensible Authentication Protocol
Endpoint Protection Endpoint security is an approach to network protection that requires each computing device on a corporate network to comply with certain standards before network access is granted. Source


F
FAT Factory Acceptance Test
Firewall A firewall is a technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts. It is a network security system that controls the incoming and outgoing network traffic based on an applied rule set.

FTP File Transfer Protocol

G
Governance Governance, largely in the context of corporate and IT, focuses on compliance in an organization's management of its operations and processes - in the best interest of stakeowners and shareholders. Governance has its interest in the set of multi-disciplinary structures, policies, process and procedural controls implemented to order to meet the statutory and regulatory compliance, legal, risk and environmental requirements.

H
Heartbeat Signals Heartbeat signals indicate the communication health of the system and is a periodic signal generated by hardware or software to indicate normal operation or to synchronize other parts of a system
HMI Human-Machine Interface
Host Intrusion Detection Systems (HIDS) Developed for mainframe computers, HIDS is the earliest type of intrusion software that monitors and analyzes the internals of a computing system and sometimes the network packets on its network interfaces
HTTP Hypertext Transfer Protocol

I
IDPS Intrusion Detection and Prevention Systems
I/O Input/Output
ISASecure ISASecure independently certifies industrial automation and control (IAC) products and systems to ensure that they are robust against network attacks and free from known vulnerabilities. Source
ISC Internet Software Consortium

L
LAN Local Area Network
LR-WPAN Low-Rate Wireless Personal Area Networks

M
MAC Media Access Control
Malware Malware (short for malicious software) is any software used to disrupt a computers operation, collect sensitive data, or gain access to private computer systems. Also known as Badware
MISPC Minimum Interoperability Specification for PKI Components
MITM Man-in-the-Middle

N
NAT Network Address Table
NERC North American Electric Reliability Corporation
Network security The provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources
Network Intrusion Detection Systems (NIDS) A network based device or software application that monitors network activities for malicious activities or policy violations and produces reports to a management station

O
OLE Object Linking and Embedding
OPC OLE for Process Control
OSI Open Systems Interconnectivity

P
PCS Process Control System
Penetration Testing Penetration testing is often confused as "vulnerability assessment" (VA). Essentially, it is a further step into simulating the exploitation on a system vulnerability discovered in a VA. Its purpose is to confirm if a security breach or a catastrophic damage can really be inflicted on the system if it would have been a real cyber attack.
PLC Programmable Logic Controller
PROFIBUS Process Field Bus

Q
Qualified Anti-malware Definitions Testing and qualification of newly released anti-malware definition or signature files adds to system stability by identifying and restricting potential ICS conflicts before implementation on site.
Qualified OS Patch Updates Testing and qualification of newly released Microsoft security updates adds to system stability by identifying and restricting potential ICS conflicts before implementation on site.

R
Remote Terminal Unit A Remote Terminal Unit (or RTU) is a microprocessor-controlled electronic device that interfaces objects in the physical world to a DCS (distributed control system) or SCADA (supervisory control and data acquisition) system by transmitting telemetry data to a master system, and by using messages from the master supervisory system to control connected objects. For details of Honeywell's RTU offerings please click here

S
SCADA Supervisory Control and Data Acquisition
– for Honeywell's SCADA offerings please click here
Security Assessments and Audits Security assessments are usually with the purpose to survey and review the security health or posture of a system, processes or an organisation's susceptibility to cyber security threats. Audits are essentially inspections on the state of compliance to governance requirement. While security assessments would promptly raise findings on vulnerabilities for quick remediation, audits will aim to report on non-compliances and systemic weaknesses to executive management for managerial actions.
Security Information & Event Management (SIEM) SIEM technology provides real-time analysis of security alerts generated by network hardware and applications. SIEM is sold as managed services, software, or appliances and are also used to log security data and generate reports for compliance purposes. SIEM is primarily about real-time monitoring, correlation of events, notifications and console views, and secondarily about reporting of log data and long-term archiving.
SIS Safety Instrumented System
SMTP Simple Mail Transfer Protocol
SSL Secure Sockets Layer

T
TCP Transmission Control Protocol
TDEA Triple Data Encryption Algorithm

U
UDP User Datagram Protocol
USB Universal Serial Bus

V
Vulnerability Assessment (VA) In a vulnerability assessment, data is collected from the system and compared with documented issues to deduce if the system is vulnerable to any known exploits. "Documented issues" refer to vulnerabilities or systems weaknesses that have been discovered and therefore known and, hence, they have been documented and most probably made available to the public for awareness. VA can be easily confused as "Penetration Testing" which essentially can be the next step into simulating the exploitation on a system vulnerability discovered during a VA.
VLAN Virtual LAN
VPN Virtual Private Network

W
WiFi Wireless Fidelity
WPA WiFi Protected Access

X
XSS Cross-Site Scripting


In this section we've provided a list of useful links to relevant websites. Bookmark this page so you can find it easier in the future.

CERTIFICATION BODIES
GIAC Global Information Assurance Certification (GIAC) is the leading provider and developer of Cyber Security Certifications. www.giac.org
ISACA As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. www.isaca.org
ISA The International Society of Automation is a leading, global, nonprofit organization that is setting the standard for automation by helping over 30,000 worldwide members and other professionals solve difficult technical problems, while enhancing their leadership and personal career capabilities. www.isa.org
WIB WIB – Process Automation Users' Association. WIB provides process instrumentation evaluation- and assessment services for- and on behalf of – its industrial user member companies. www.wib.nl
VGB VGB is a technical association for power and heat generation. It is a non-profit organization and a voluntary association of companies of power plant operators and manufacturers. VGB published the cyber security standard - VGB-S-175. www.vgb.org

GOVERNMENT AGENCIES
ANSSI Agence Nationale de la sécurité des systems d'information. ANSSI core missions are to detect and early react to cyber attacks, prevent threats, advice governmental entities and operators of critical infrastructure and inform industry and general public about security threats and protective measures. www.ssi.gouv.fr/en/
APCERT APCERT (Asia Pacific Computer Emergency Response Team) is a coalition of CERTs and CSIRTs (Computer Security Incident Response Teams), from 13 economies across the Asia Pacific region to ensure internet security in the Asia Pacific region. www.apcert.org
BSI Federal Office for Information Security, Germany. BSI's goal is to promote IT security in Germany. It is the first and foremost central IT security service provider for the federal government in Germany. www.bsi.bund.de
CERT Australia CERT Australia is the national computer emergency response team, working with major Australian businesses, providing cyber security advice and support to critical infrastructure and other systems of national interest. www.cert.gov.au
CERT-In The Indian Computer Emergency Response Team (CERT-In), under the Department of Information Technology of Ministry of Communications and Information Technology, works to enhance the security of India's communications and information infrastructure through proactive action and effective collaboration. http://deity.gov.in/content/icert
CPNI Centre for the Protection of National Infrastructure. CPNI protects UK national security by providing protective security advice. Their advice covers physical security, personnel security and cyber security/ information assurance. www.cpni.gov.uk
CNCERT/CC National Computer Network Emergency Response Technical Team/Coordination Center of China. CNCERT/CC is a non-governmental non-profit cybersecurity technical center and the key coordination team for China's cybersecurity emergency response community. www.cert.org.cn
ENISA European Union Agency for Network and Information Security. It is the 'pace-setter' for Information Security in Europe, and a centre of expertise. www.enisa.europa.eu
ICS-CERT The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) operates within the National Cybersecurity and Integration Center (NCCIC), a division of the Department of Homeland Security's Office of Cybersecurity and Communications (DHS CS&C). NCCIC/ICS-CERT is a key component of the DHS Strategy for Securing Control Systems. https://ics-cert.us-cert.gov/
OLF The Norwegian Oil and Gas Association have established a number of guidelines in the areas of Competence, Employment, Environment, HSE & Operations, Integrated Operations and Industrial Policy. OLF 104 recommends guidelines for information security baseline requirements for process control, safety and support ICT systems. www.norskoljeoggass.no/en

REGULATORY AUTHORITIES
ICT QATAR The National Standards for Security of Critical Industrial Automation and Control Systems by ICT Qatar focuses on the various controls for the security of critical industrial automation and control systems. www.ictqatar.qa/en
NERC The North American Electric Reliability Corporation (NERC) is a not-for-profit international regulatory authority whose mission is to assure the reliability of the bulk power system in North America. www.nerc.com

REGULATORY AUTHORITIES
ISS Source Industrial Safety and Security Source is a web-based information provider devoted solely to keeping manufacturers current on safety, cyber and physical security news, products, features, applications and trends. www.isssource.com
SC Magazine SC Magazine arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies. www.scmagazine.com
Security Magazine Security is uniquely focused on solutions for enterprise security leaders. It is designed and written for business-minded executives who manage enterprise risk and security. www.securitymagazine.com
Security Week Information Security News, IT Security News & Expert Insights www.securityweek.com

INDUSTRIAL CYBER SECURITY SOCIAL MEDIA LINKS
Honeywell Process Solutions on Twitter Get the latest news and offerings from Honeywell Process Solutions https://twitter.com/hwusers
Honeywell Process Solutions on LinkedIn Stay up to date with news and job opportunities from Honeywell Process Solutions https://www.linkedin.com/company/honeywell-process-solutions
Honeywell on YouTube See the latest news and stories from Honeywell www.youtube.com/user/Honeywell


Risk Manager
Risk Manager can proactively manage the cyber security risks that matter the most. Risk Manager is the first solution specifically designed to proactively measure, monitor and manage cyber security risk for industrial plants and their process control networks. ​


Secure Media Exchange (SMX) - Industrial Cyber Security Solution for USB Protection
Secure Media Exchange reduces cyber security risk and limits operational disruptions by monitoring, protecting, and logging use of removable media throughout industrial facilities. SMX provides plant operators with unprecedented control and visibility into the secure use of USB and removable media by personnel and contractors, reducing cyber risk to process control networks globally. SMX provides the latest in advanced threat detection capabilities to critical infrastructures and manufacturing facilities.


Secure Media Exchange (SMX) - Infographic Video on USB-Borne Threats
Industrial facilities are humming with people & productivity, but it takes hand-carried USB device updates to stay operational. Malware via removable media is ranked as the #2 ICS threat. Secure Media Exchange (SMX) reduces cyber security risk and limits operational disruptions by monitoring, protecting, and logging use of removable media throughout industrial facilities.​


Secure Media Exchange (SMX)​ Quick Demo
Watch this short demo video to know more about how Secure Media Exchange (SMX) reduces cyber security risk and limits operational disruptions by monitoring, protecting, and logging use of removable media throughout industrial facilities.


Enterprise Risk Manager Quick Demo
Honeywell’s Industrial Cyber Security Risk Manager is the first solution to proactively measure, monitor, and manage cyber security risk across industrial environments, providing users of all levels with real-time visibility, understanding and decision support required for action.​



Honeywell Industrial Cyber Security Risk Manager
Risk Manager is a Honeywell-developed real-time data collection and analytics software platform that continuously monitors the process control system for indicators of cyber security risk. Risk Manager helps protect industrial users against unplanned downtime and loss of production due to cyber risks and is the first solution and the only of its kind for industrial environments.


Making IoT Real in Industrial Environments
Mike Brown, global director for Honeywell Process Solutions' Advanced Solutions, speaks with ARC Advisory Group’s Mark Sen Gupta on Industrial Internet of Things (IIoT) and Cyber Security.


Threats to cyber security are real – discover Honeywell industrial cyber security solutions
Three quarters of surveyed adults (75 percent) across 10 countries say they are fearful that cyber hackers are carrying out attacks on major industries and sectors of the economy in their countries, according to the results of a survey conducted by Ipsos Public Affairs on behalf of Honeywell. Threats to cyber security are real and the world is fearful of attacks on major industries. As the threat grows, what can we do to take more proactive cyber security measures?


Take a tour of Honeywell’s new cyber security research lab
Step inside the brand new Honeywell Industrial Cyber Security Lab in Duluth, Georgia. The lab's world-class environment is used to develop and test new cyber security solutions for the industrial market. It is another investment in Honeywell's ongoing commitment to help customers defend the availability, reliability and safety of their industrial automation and control systems.