June 8, 2017 :Honeywell Invests in Cyber Security Innovation Center in Asia Pacific
Honeywell (NYSE: HON) Process Solutions (HPS), with the support of the Singapore Economic Development Board (EDB), will establish a new industrial cyber security center of excellence (COE) for Asia Pacific in Singapore.The COE will feature a state-of-the-art cyber security research and development lab, an advanced training facility and a security operations center that provides managed security services.
April 4, 2017 : Honeywell Launches New Industrial Cyber Security Solution to Enable Secure Use of USB Devices
Honeywell (NYSE: HON) Process Solutions (HPS) today announced a new solution for industrial sites as they balance productivity and cyber security demands. Honeywell’s new Secure Media Exchange (SMX) protects facilities against current and emerging USB-borne threats, without the need for complex procedures or restrictions that impact operations or industrial personnel.
February 23, 2016 : Honeywell and Palo Alto Networks Team up to Protect Industrial Control Systems from Cyber Attacks
Honeywell Process Solutions and Palo Alto Networks®, the next-generation security company, today announced they will collaborate to boost the cyber security capabilities of control systems used by industrial facilities and critical infrastructure. This next-generation offering enhances Honeywell’s comprehensive portfolio of cyber security solutions including its Industrial Cyber Security Risk Manager platform.
June 24, 2015 : Honeywell and Intel Security Team to Secure Critical Infrastructure and Industrial Internet of Things
Honeywell Process Solutions and Intel Security today announced they will collaborate to bolster protection of critical industrial infrastructure and the Industrial Internet of Things (IIoT). Intel Security's McAfee® technologies will be integrated with Honeywell's Industrial Cyber Security Solutions, providing Honeywell customers with enhanced security software to protect their control systems from malware and misuse.
April 21, 2015 : Honeywell Technology First to Proactively Manage Cyber Security Risk for Industrial Sites
Honeywell Process Solutions today launched the first digital dashboard designed to proactively monitor, measure and manage cyber security risk for control systems for refineries, power plants and other automated production sites throughout the world that are at increasing risk of cyber attacks.
March 31, 2015 : Honeywell Expands Cyber Security Development Capabilities with new Research Lab
Honeywell Process Solutions announced the opening of the Honeywell Industrial Cyber Security Lab to advance its development and testing of new technologies and software to defend industrial facilities and operations such as refineries and manufacturing plants from cyber attacks.
November 11, 2014 : Honeywell survey uncovers 3 in 4 adults are fearful that cyber attacks could damage their country’s economy
A recent survey conducted by Ipsos Public Affairs Research uncovered that 36 per cent of respondents believed that it isn’t possible to stop all cyber attacks. A further similar amount reported they didn’t have faith in their country’s ability to keep up with cyber attacks because they felt governments and organisations are not taking these attacks seriously enough.
July 2, 2014 : Honeywell provides improved cyber security for QAFAC
Honeywell’s integrated control and safety solution, including a new fire and gas system, will improve automation at the plant and increase cyber security at Qatar Fuel Additives Company’s Mesaieed Industrial City plant, 50 kilometers south of Doha.
April 18, 2013 : Japanese industrial giant selects Honeywell cyber security solutions
One of Japan’s largest refining and petrochemical companies, Idemitsu Kosan, is modernizing its control systems at its Tokuyama Refining and Petrochemical Complex in western Japan. The site, which supplies energy and chemical raw materials, will deploy Experion® Process Knowledge System, Abnormal Situations Management, alarm management, and cyber-security solutions.
Honeywell Migration Solutions Help Saudi Electricity Company Revitalize Control System and Address Cyber Threats
The project was delivered with the latest hardware and software platforms and yielded higher reliability, enhanced performance and improved safety with the cyber security implementation.
U.S. Power Company works with Honeywell to perform a SCADA cyber security vulnerability assessment
Honeywell's cyber security assessment services helped a US power company to assess existing cyber security risks, abide by corporate standard of audit and review, and prioritize the tasks they needed to execute.
Cyber security vulnerability assessment reduces risks to gas pipeline operation
As a result of Honeywell’s cyber security vulnerability assessment solution, a natural gas pipeline company was able to empirically identify and quantify all of the steps required to improve the security and reliability of its natural gas distribution pipeline network, and therefore increase the uptime and availability of its system.
Honeywell helps Canadian power company design secure network for industrial environment
A Canadian power company was embarking on an environmental monitoring project at a coal-fired generation facility that involved the bridging of two control systems with their business network. The company required an expert consulting firm to address their security and integration issues. Honeywell advised the power company to design a multi-layered defense-in-depth network.
|13-15 Sep||Industrial Control Systems Joint Working Group (ICSJWG) Florida, USA||Learn more about the event|
|26-28 Sep||3rd Annual Industrial Control Cyber Security Europe London, UK
Session: What we should be doing differently as an industry
By Eric Knapp, Global Director of Cyber Security Solutions and Chief Cyber Security Engineer, Honeywell Process Solutions 9:10 am - 9:40 am on Sep 28,
Learn more about this session here.
Session: Converting cyber attacks into successful cyber-physical attacks
By Marina Krotofil, Cyber Security Researcher, Honeywell Industrial Cyber Security
9:40 am - 10:10 am on Sep 28
Learn more about this session here.
|Learn more about the event|
|27-28 Sep||IMI Congress & Exhibition for Industrial Cyber Security Frankenthal, Germany
Session: Individual protection measures for industrial cyber security
By Konstantin Rogalas, Business Leader for Europe, Honeywell Industrial Cyber Security
Afternoon of Sep 27
|Learn more about the event|
|29 Sep||EXERA Cybersecurity of Industrial Systems Paris France
Session: Defining the right level of protection and keeping situational awareness
By Konstantin Rogalas, Business Leader for Europe, Honeywell Industrial Cyber Security
14:30 on Sep 29
|Learn more about the event|
|24-27 October||Honeywell Users Group EMEA||Click Here to Know More|
Science Fiction Becomes Reality
Instead of continuously reacting to the onslaught of security incidents, battle-tested security professionals continue to stress the importance of building a solid security program. Read this eBook to discover how you can stay ahead of advanced cyber threats and reduce risks for your plant(s).
The Essential Guide to Industrial Cyber Security
Cyber security is an acknowledged and growing threat to the operational integrity of process manufacturing and other critical infrastructure sectors. To combat this fast growing threat it is important to make a conscious change from reactive to proactive measures. Here’s a roadmap to help organizations evolve from reactive to preventive, proactive strategies for risk management.
The Four-Step Guide to Understanding Cyber Risk
It is estimated that cyber risks costs the global economy up to $400 billion a year— maybe even more. For industrial control systems (ICSs) however, the risks are even more acute. Understand vulnerabilities. Identifying threats. Measuring consequences. Bringing it all together and measure risk. This four-step guide will help you identifying cyber risks and addressing the cyber security gap.
Mitigating cyber security risks in legacy process control systems
Legacy control systems are more vulnerable to attacks than contemporary systems. Read this white paper to learn more about techniques for protecting legacy systems, the problems surrounding these techniques, and new methods for analyzing security.
Staying ahead of today's cyber threats
The increasing number of cyber security threats requires evolving approaches and tools to combat potential attacks. Read this whitepaper to learn how application whitelisting can be used to combat viruses and malware.
Application Whitelisting 101
Application Whitelisting is an effective tool for enhancing your "Defense in Depth" security strategy. With increasing numbers of attempted intrusions, cautionary tales of security breaches and the potential for resulting damages at your site, Application Whitelisting can be an important addition to your security arsenal.
Effective use of assessments for cyber security risk mitigation
This paper covers how cyber security assessments can be effectively used for risk mitigation and how they relate to the overall cycle of securing critical infrastructure.
Cyber security regulations: Pipe dream or reality?
This whitepaper recommends that pipeline operators shift from reactive to proactive and begin the process of adopting a long-term cyber security strategy before regulations become mandated.
Honeywell Industrial Cyber Security Risk Manager
Risk Manager is a Honeywell-developed real-time data collection and analytics software platform that continuously monitors the process control system for indicators of cyber security risk. Risk Manager helps protect industrial users against unplanned downtime and loss of production due to cyber risks and is the first solution and the only of its kind for industrial environments.
Making IoT Real in Industrial Environments
Mike Brown, global director for Honeywell Process Solutions' Advanced Solutions, speaks with ARC Advisory Group’s Mark Sen Gupta on Industrial Internet of Things (IIoT) and Cyber Security.
Industrial cyber security risk is on the rise, and reducing it is critical to a company's operational and production goals. Honeywell Industrial Cyber Security Risk Manager can help companies effectively migrate and rapidly respond to cyber vulnerabilities and threats.Download PDF
Industrial Cyber Security: Perception vs. Reality.
Usher in Cyber Security Awareness Month with knowledge to fight cyber threats this October. Take a look at intriguing findings from a study that compares leading industry threat research with our own firsthand observations gleaned from hundreds of cyber security engagements worldwide.
Threats to cyber security are real – discover Honeywell industrial cyber security solutions
Three quarters of surveyed adults (75 percent) across 10 countries say they are fearful that cyber hackers are carrying out attacks on major industries and sectors of the economy in their countries, according to the results of a survey conducted by Ipsos Public Affairs on behalf of Honeywell. Threats to cyber security are real and the world is fearful of attacks on major industries. As the threat grows, what can we do to take more proactive cyber security measures?
Take a tour of Honeywell’s new cyber security research lab
Step inside the brand new Honeywell Industrial Cyber Security Lab in Duluth, Georgia. The lab's world-class environment is used to develop and test new cyber security solutions for the industrial market. It is another investment in Honeywell's ongoing commitment to help customers defend the availability, reliability and safety of their industrial automation and control systems.
Proactively Monitor, Measure and Manage Industrial Cyber Security Risk with Risk Manager
Speaker: Sheila Fortinberry, Senior Global Cyber Security Marketing Manager,
Mike Baldi, Cyber Security Solutions Architect at HPS
Date: May 5, 2015
Duration: 46 Minutes
During this webinar, learn how Risk Manager 1) Allows users to prioritize and focus efforts on managing risks that are most important for reliable plant operations, through the easy-to-use interface. 2) Monitors risk continuously, in real-time. 3) Translates complex indicators of vulnerabilities and threats into metrics that can be used by control engineers and operators without cyber security experience.
Continuous Security Monitoring for Control Systems – Best Practices
Speaker: Mark Littlejohn
Mike Baldi, Cyber Security Solutions Architect at HPS
Date: February 18, 2015
Duration: 26 Minutes
Join Mark Littlejohn in this webinar to gain a better understanding of why continuous monitoring is widely accepted as an integral and essential best practice for managing risk and improving the cyber security posture in industrial environments.
Managed Industrial Cyber Security Services
Speaker: Eric Knapp, Director of Cyber Security Solutions and Technology, Honeywell Process Solutions
Mike Baldi, Cyber Security Solutions Architect at HPS
Date: August 26, 2014
Duration: 33 Minutes
Industrial Cyber Security is a challenge for many reasons:
• Industrial systems are difficult to patch
• Legacy devices inhibit the implementation of modern cyber security controls
• The shift from proprietary systems to open computing platforms has increased the exposure and vulnerability to cyber threats.
Perhaps the biggest challenge, however, is building the right staff to address these issues. Industrial cyber security professionals are a rare breed and the demand for their unique skill set continues to increase rapidly.
Listen to Eric Knapp in this on-demand webinar as he explores the pros and cons of using managed cyber security services to augment staff, and to make existing staff more productive and efficient through all stages of the cyber security lifecycle.
|ACL||Access Control List|
|AES||Advanced Encryption Standard|
|ARP||Address Resolution Protocol|
|Active Attack||Active attack is an assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system Source|
|Adversary||An adversary is a malicious entity whose aim is to prevent the users of the computer system from achieving data privacy, system integrity and availability. Actual adversaries are known as attackers|
|Alert||An alert is a communication about a known cyber security issue, typically with details of how to mitigate the issue|
|BERT||Bit Error Test|
|BIND||Berkeley Internet Name Domain|
|BIOS||Basic Input/Output System|
|BSS||Basic Service Set|
|Blacklist (Application Blacklisting)||Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs. Such programs include not only those known to contain security threats or vulnerabilities but also those that are deemed inappropriate within a given organization. Blacklisting is the method used by most antivirus programs, intrusion prevention/detection systems and spam filters Source|
|Business Continuity Planning (BCP)||BCP involves keeping all essential aspects of a business functioning despite significant disruptive events, of which disaster recovery planning (DRP) is a subset of it.|
|Canaries||A Canary is an early test version of software, alluding to a Canary in a coal mine|
|CERT||Computer Emergency Response Team, sometimes aka Computer Security Incident Response Team. These are organizations, in APAC they are usually government-linked agencies, responsible for maintaining vigilance on cyber security threats and the need for creating awareness of such. Formerly, before CERTs evolved to such focus today, they were expert groups that handle computer security incidents. At national level, CERTs differ from one country to another in terms of their portfolio. Certain countries' CERTs are legislated with enforcement authority while others just at advisory functions.|
|Computer Network Defense Analysis||Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats Source|
|CISO||Chief Information Security Officer|
|Critical infrastructure||Critical infrastructure are the assets, systems, and networks, whether physical or virtual, so vital to a country or company that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof. Source|
|DCS||Distributed Control System. For Honeywell DCS offerings, please click here|
|Denial of Service (attack)||A denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users. A DoS attack generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a server host serving mutliple users connected in a network.
Perpetrators of DoS attacks typically target sites or services hosted on mission-critical servers, including DCS/SCADA systems, or high-profile web servers such as banks, credit card payment gateways, and even root name servers.
|DHCP||Dynamic Host Configuration Protocol|
|DNS||Domain Name System|
|Disaster Recovery Planning (DRP)||Disaster Recovery Planning involves a set of policies and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. Disaster recovery focuses on the IT or technology systems supporting critical business functions, as opposed to business continuity, which involves keeping all essential aspects of a business functioning despite significant disruptive events. Disaster recovery is therefore a subset of business continuity planning (BCP).|
|EAP||Extensible Authentication Protocol|
|Endpoint Protection||Endpoint security is an approach to network protection that requires each computing device on a corporate network to comply with certain standards before network access is granted. Source|
|FAT||Factory Acceptance Test|
|Firewall||A firewall is a technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts. It is a network security system that controls the incoming and outgoing network traffic based on an applied rule set.|
|FTP||File Transfer Protocol|
|Governance||Governance, largely in the context of corporate and IT, focuses on compliance in an organization's management of its operations and processes - in the best interest of stakeowners and shareholders. Governance has its interest in the set of multi-disciplinary structures, policies, process and procedural controls implemented to order to meet the statutory and regulatory compliance, legal, risk and environmental requirements.|
|Heartbeat Signals||Heartbeat signals indicate the communication health of the system and is a periodic signal generated by hardware or software to indicate normal operation or to synchronize other parts of a system|
|Host Intrusion Detection Systems (HIDS)||Developed for mainframe computers, HIDS is the earliest type of intrusion software that monitors and analyzes the internals of a computing system and sometimes the network packets on its network interfaces|
|HTTP||Hypertext Transfer Protocol|
|IDPS||Intrusion Detection and Prevention Systems|
|ISASecure||ISASecure independently certifies industrial automation and control (IAC) products and systems to ensure that they are robust against network attacks and free from known vulnerabilities. Source|
|ISC||Internet Software Consortium|
|LAN||Local Area Network|
|LR-WPAN||Low-Rate Wireless Personal Area Networks|
|MAC||Media Access Control|
|Malware||Malware (short for malicious software) is any software used to disrupt a computers operation, collect sensitive data, or gain access to private computer systems. Also known as Badware|
|MISPC||Minimum Interoperability Specification for PKI Components|
|NAT||Network Address Table|
|NERC||North American Electric Reliability Corporation|
|Network security||The provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources|
|Network Intrusion Detection Systems (NIDS)||A network based device or software application that monitors network activities for malicious activities or policy violations and produces reports to a management station|
|OLE||Object Linking and Embedding|
|OPC||OLE for Process Control|
|OSI||Open Systems Interconnectivity|
|PCS||Process Control System|
|Penetration Testing||Penetration testing is often confused as "vulnerability assessment" (VA). Essentially, it is a further step into simulating the exploitation on a system vulnerability discovered in a VA. Its purpose is to confirm if a security breach or a catastrophic damage can really be inflicted on the system if it would have been a real cyber attack.|
|PLC||Programmable Logic Controller|
|PROFIBUS||Process Field Bus|
|Qualified Anti-malware Definitions||Testing and qualification of newly released anti-malware definition or signature files adds to system stability by identifying and restricting potential ICS conflicts before implementation on site.|
|Qualified OS Patch Updates||Testing and qualification of newly released Microsoft security updates adds to system stability by identifying and restricting potential ICS conflicts before implementation on site.|
|Remote Terminal Unit||A Remote Terminal Unit (or RTU) is a microprocessor-controlled electronic device that interfaces objects in the physical world to a DCS (distributed control system) or SCADA (supervisory control and data acquisition) system by transmitting telemetry data to a master system, and by using messages from the master supervisory system to control connected objects. For details of Honeywell's RTU offerings please click here|
|SCADA||Supervisory Control and Data Acquisition
– for Honeywell's SCADA offerings please click here
|Security Assessments and Audits||Security assessments are usually with the purpose to survey and review the security health or posture of a system, processes or an organisation's susceptibility to cyber security threats. Audits are essentially inspections on the state of compliance to governance requirement. While security assessments would promptly raise findings on vulnerabilities for quick remediation, audits will aim to report on non-compliances and systemic weaknesses to executive management for managerial actions.|
|Security Information & Event Management (SIEM)||SIEM technology provides real-time analysis of security alerts generated by network hardware and applications. SIEM is sold as managed services, software, or appliances and are also used to log security data and generate reports for compliance purposes. SIEM is primarily about real-time monitoring, correlation of events, notifications and console views, and secondarily about reporting of log data and long-term archiving.|
|SIS||Safety Instrumented System|
|SMTP||Simple Mail Transfer Protocol|
|SSL||Secure Sockets Layer|
|TCP||Transmission Control Protocol|
|TDEA||Triple Data Encryption Algorithm|
|UDP||User Datagram Protocol|
|USB||Universal Serial Bus|
|Vulnerability Assessment (VA)||In a vulnerability assessment, data is collected from the system and compared with documented issues to deduce if the system is vulnerable to any known exploits. "Documented issues" refer to vulnerabilities or systems weaknesses that have been discovered and therefore known and, hence, they have been documented and most probably made available to the public for awareness. VA can be easily confused as "Penetration Testing" which essentially can be the next step into simulating the exploitation on a system vulnerability discovered during a VA.|
|VPN||Virtual Private Network|
|WPA||WiFi Protected Access|
In this section we've provided a list of useful links to relevant websites. Bookmark this page so you can find it easier in the future.
|GIAC||Global Information Assurance Certification (GIAC) is the leading provider and developer of Cyber Security Certifications.||www.giac.org|
|ISACA||As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems.||www.isaca.org|
|ISA||The International Society of Automation is a leading, global, nonprofit organization that is setting the standard for automation by helping over 30,000 worldwide members and other professionals solve difficult technical problems, while enhancing their leadership and personal career capabilities.||www.isa.org|
|WIB||WIB – Process Automation Users' Association. WIB provides process instrumentation evaluation- and assessment services for- and on behalf of – its industrial user member companies.||www.wib.nl|
|VGB||VGB is a technical association for power and heat generation. It is a non-profit organization and a voluntary association of companies of power plant operators and manufacturers. VGB published the cyber security standard - VGB-S-175.||www.vgb.org|
|ANSSI||Agence Nationale de la sécurité des systems d'information. ANSSI core missions are to detect and early react to cyber attacks, prevent threats, advice governmental entities and operators of critical infrastructure and inform industry and general public about security threats and protective measures.||www.ssi.gouv.fr/en/|
|APCERT||APCERT (Asia Pacific Computer Emergency Response Team) is a coalition of CERTs and CSIRTs (Computer Security Incident Response Teams), from 13 economies across the Asia Pacific region to ensure internet security in the Asia Pacific region.||www.apcert.org|
|BSI||Federal Office for Information Security, Germany. BSI's goal is to promote IT security in Germany. It is the first and foremost central IT security service provider for the federal government in Germany.||www.bsi.bund.de|
|CERT Australia||CERT Australia is the national computer emergency response team, working with major Australian businesses, providing cyber security advice and support to critical infrastructure and other systems of national interest.||www.cert.gov.au|
|CERT-In||The Indian Computer Emergency Response Team (CERT-In), under the Department of Information Technology of Ministry of Communications and Information Technology, works to enhance the security of India's communications and information infrastructure through proactive action and effective collaboration.||http://deity.gov.in/content/icert|
|CPNI||Centre for the Protection of National Infrastructure. CPNI protects UK national security by providing protective security advice. Their advice covers physical security, personnel security and cyber security/ information assurance.||www.cpni.gov.uk|
|CNCERT/CC||National Computer Network Emergency Response Technical Team/Coordination Center of China. CNCERT/CC is a non-governmental non-profit cybersecurity technical center and the key coordination team for China's cybersecurity emergency response community.||www.cert.org.cn|
|ENISA||European Union Agency for Network and Information Security. It is the 'pace-setter' for Information Security in Europe, and a centre of expertise.||www.enisa.europa.eu|
|ICS-CERT||The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) operates within the National Cybersecurity and Integration Center (NCCIC), a division of the Department of Homeland Security's Office of Cybersecurity and Communications (DHS CS&C). NCCIC/ICS-CERT is a key component of the DHS Strategy for Securing Control Systems.||https://ics-cert.us-cert.gov/|
|OLF||The Norwegian Oil and Gas Association have established a number of guidelines in the areas of Competence, Employment, Environment, HSE & Operations, Integrated Operations and Industrial Policy. OLF 104 recommends guidelines for information security baseline requirements for process control, safety and support ICT systems.||www.norskoljeoggass.no/en|
|ICT QATAR||The National Standards for Security of Critical Industrial Automation and Control Systems by ICT Qatar focuses on the various controls for the security of critical industrial automation and control systems.||www.ictqatar.qa/en|
|NERC||The North American Electric Reliability Corporation (NERC) is a not-for-profit international regulatory authority whose mission is to assure the reliability of the bulk power system in North America.||www.nerc.com|
|ISS Source||Industrial Safety and Security Source is a web-based information provider devoted solely to keeping manufacturers current on safety, cyber and physical security news, products, features, applications and trends.||www.isssource.com|
|SC Magazine||SC Magazine arms information security professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.||www.scmagazine.com|
|Security Magazine||Security is uniquely focused on solutions for enterprise security leaders. It is designed and written for business-minded executives who manage enterprise risk and security.||www.securitymagazine.com|
|Security Week||Information Security News, IT Security News & Expert Insights||www.securityweek.com|
|INDUSTRIAL CYBER SECURITY SOCIAL MEDIA LINKS|
|Honeywell Process Solutions on Twitter||Get the latest news and offerings from Honeywell Process Solutions||https://twitter.com/hwusers|
|Honeywell Process Solutions on LinkedIn||Stay up to date with news and job opportunities from Honeywell Process Solutions||https://www.linkedin.com/company/honeywell-process-solutions|
|Honeywell on YouTube||See the latest news and stories from Honeywell||www.youtube.com/user/Honeywell|