Underscoring the seriousness of increasing cyber attacks on industry, Honeywell has opened an Industrial Cyber Security Lab to advance its development and testing of new technologies and software to defend industrial facilities and operations from cyber attacks.
According to the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), cyber incidents on industrial targets in 2014 had increased more than 25 percent since 2011. ICS-CERT’s latest report also said that, in 40 percent of reported incidents, experts did not know how hackers intruded the system because of a lack of detection and monitoring capabilities. And just yesterday President Obama signed an executive order threatening the use of financial sanctions to help curb the onslaught of cyber attacks faced by both U.S. businesses and the government.
If you’re still not convinced about the level of cyber attacks ongoing at any moment, I suggest you take a look at the short video below of global cyber attacks captured by the Norse site. Granted, all these attacks are not aimed at industrial sites, but it provides a valuable insight into the increasing level of the problem and why you should be concerned. (You can view it on your own at any time at map.ipviking.com.)
At the grand opening of Honeywell’s new cybersecurity lab in Duluth, Ga. (in the Atlanta metro area), the company noted that it has been actively developing cyber protection software and technology for its process automation products for more than a decade, much of which has been a part of the more than 1,000 industrial cyber security projects conducted globally during that time period by the Honeywell Industrial Cyber Security group.
The new cyber security lab contains the equipment needed to test the security of industrial control systems and networks from Level 1 and 2 controllers and SCADA systems up to Level 4 business networks and out to the Internet. (The levels noted here are described in the ISA 99 Purdue Model Design Concept as shown in the accompanying image. Read more about ISA 99).
This lab is the only one of its kind with this level of capability, says Jeff Zindel, business manager for Honeywell Industrial Cyber Security. “We have smaller labs elsewhere, but this is the state-of-the-art and the first of its kind.” He notes that Honeywell plans to replicate this lab elsewhere around the globe “as it makes sense to do so.”
“Customers can bring in details of their plant framework and data and we can simulate their plant in our environment and do intrusive tests to determine their vulnerabilities,” says Mike Spear, global operations manager for Honeywell Industrial Cyber Security.
Spear and Zindel explained that Honeywell’s industrial cybersecurity offerings extend beyond specific products and into professional field services and managed security services.
The process control network model at the Honeywell lab is designed to enable cyber security experts to conduct “proprietary research, hands-on training, and develop, test and certify industrial cyber security solutions,” says Zindel. “This lab will help accelerate development time of new cyber protection technologies and speed availability to customers.” Cybersecurity management tools at the lab include technologies from third parties working with Honeywell’s cyber security efforts, including Bit9, Check Point, Cisco, McAfee, Metasploit, Network Critical, SolarWinds, SourceFire, StoneSoft, Tenable Network Security, Tofino, and Tripwire.
Explaining Honeywell’s work with these companies, Zindel says these relationships address areas where Honeywell is “OEMing some products, reselling some products, and conducting extensive research with others.” The aim of these third-party relationships is to bridge the gap between IT and operations technology (OT) cybersecurity capabilities, he says.
Ultimately, the goal of the lab is to help customers move from a defensive position around cybersecurity to an offensive one. “We will help customers become more proactive in their cybersecurity efforts,” Zindel adds.
Explaining Honeywell’s approach to staffing at the lab, Spear says, “We typically hire senior IT people and have them spend up to a year being shadowed by our senior process controls experts, as well having them attend our process controls training college that trains them on control systems as well as the particulars of industrial cybersecurity and risk assessment. All these people do—24/7—is focus on industrial cybersecurity.”
Spear adds that Honeywell is also working with local colleges to develop a pipeline of industrial cybersecurity talent because the focus on cybersecurity across industry is “really taking off.”
When it comes to the increasing level of cyber threats to industry, Eric Knapp, director of technology and solutions for Honeywell Industrial Cyber Security, says, “We don't know what we don’t know; the threat is continuously evolving. But with this lab, we have an environment where we can explore that threat and continuously adapt to it.”
Visit BeCyberSecure.com for more information about Honeywell’s Industrial Cyber Security Lab.