Honeywell Forge Cyber Security+

Introduction Honeywell Forge Cybersecurity+ Cyber Insights and Watch

Hello, everyone, and thank you for joining our brief webinar today on boosting your OT cybersecurity to help prevent cyberattacks and downtime. I'm Paul Griswold. I'm the Chief Product Officer for Honeywell OT Cybersecurity, and I'm going to walk you through some of the most recent threats in cybersecurity, as well as how you can secure your industrial environment against those threats.

It probably comes as no surprise that cyberattacks are on the rise, and we continue to see an increase through all different industries, particularly in the area of ransomware. Ransomware has proven to be a very effective tool for cyber criminals to make money. What often does not get talked about in the media is the effect of these types of attacks on OT systems or cyber physical systems.

With cyber physical systems, you actually have physics going on in addition to the cyber activities, so any changes that are made on these systems has some sort of physical consequence. In the worst cases for OT systems, this can result in a disruption of the process that you are managing. It can result in a loss of view or a loss of control, or in very worst cases, it can also result in loss of life.

So while cyberattacks certainly are very serious all across the board, when it comes to OT, they become even more serious due to the physical nature of what can happen from these attacks. Securing sites is a challenge, and I think that if we take a look at what we have found as Honeywell in many of the different assessments we do for customers around the world, there are many sites that are struggling with many of the questions that you see here. Just knowing what the assets are in the environment, that's the first step.

If you don't know what you have, you probably are going to have a hard time securing what you have. So just knowing the assets you have connected to your network, being able to monitor these things on a continuous basis to detect suspicious activity or other types of threats, whether or not you have malware already. Malware often dwells inside of an environment for over 250 days, so it's very possible that you could have malware in your system today.

And if you're not monitoring and don't have the systems in place to monitor, you may not even know it. With that, you get those risks of plant safety, you have issues potentially with compliance, and of course, you also have to demonstrate your security posture to the CISO. Many OT sites struggle with these basics because OT environments are so hard.

They often have older systems, they're very brittle, and it can just be very difficult to get the type of cybersecurity solutions in place that we typically see on the IT environment. We are seeing a shift in this. Just given the amount of threats that are out there and the consequences of the attacks, customers are moving away from limited OT cybersecurity visibility.

Oftentimes, this would revolve an assessment that may happen once a year, where you get a nice paper report at the end and choose to do things based on that report. Many customers are moving away from this kind of offline assessment to more of a real-time, continuous view of cybersecurity across the different sites you have within your environment. With this, you can also do real-time threat detection, vulnerability detection, and manage and measure compliance.

When the auditor shows up, it's less of a concern and less of a hassle. To help ensure that you get this visibility, we are happy to be launching a new offering called Cyber Insights. Cyber Insights is essentially what functions as the eyes and ears of your OT environment to determine what's going on, what threats might be present, and how you can best address them.

With Cyber Insights, it's designed as that foundational component to help you reduce your operational risk and help protect safety. It also allows you to uncover security weaknesses that may be already present, including signs of attacks that may already be within the environment. It also lets you increase operational efficiencies through flexibility of deploying in these brittle OT environments where IT tools just are probably not going to work very well.

Once you have Cyber Insights deployed, you're getting that good visibility into each individual site. But what our more mature customers will do is they'll actually have a centralized OT cybersecurity team that is responsible specifically for OT cybersecurity across all your different sites. With that, we're also introducing Cyber Watch.

Cyber Watch will provide that multi-site view and also gives you the ability to do compliance management as well. So Cyber Watch can actually consist of two different components. One is the multi-site dashboard that will consolidate the security telemetry across all of the different instances of insights, Cyber Insights at your sites, into a centrally managed portal.

With the governance dashboard, you also can incorporate the people and process elements as well as the technology elements from the data that you're collecting. So you can show evidence of compliance by uploading documents, uploading questionnaires, and other types of non-technology aspects that all go into an overall effective governance program. Again, very important, Cyber Watch leverages Cyber Insights. So all of the data that you're collecting from the individual sites gets rolled up into Cyber Watch and also be used in the governance dashboard. So with Insights, you have a local view that if you have operators, you have people on site with the operators who understand cybersecurity, they can have that local view and see what's going on on an individual site level. And then with Cyber Watch, that data gets aggregated up for that centralized team.

Cyber Insights and Cyber Watch are part of an overall comprehensive solution that Honeywell offers. And what we've done here is we've napped it against the NIST cybersecurity framework. And you can see Insights and Watch serve key purposes in both identify, detect, as well as respond to an attack. We also have a complementary set of professional services, managed services, and other software products that can also be used to help fill in additional gaps across the NIST CSF. Take a look at these questions again and determine if you are operating at risk. And if you are, Cyber Insights and Cyber Watch can help.

So in terms of next steps, understand your OT cybersecurity posture. Do you really know your assets? Are you actually doing that monitoring? Would you know if an attack's already there? And if you need help, you can reach out to Honeywell. We can also provide a product demonstration for both Cyber Insights and Cyber Watch, and we have a full suite of additional information available on our website at bcybersecure.com. Thanks very much for watching our webinar, and we hope to hear from you soon.