November 8, 2022
Honeywell has recently announced the release of its new operational technology (OT) cybersecurity solutions, designed to assist customers in defending the availability, reliability and safety of their industrial control systems and operations. The offerings, which include a new Advanced Monitoring and Incident Response (AMIR) dashboard and updated Cyber App Control, are designed to empower organizations with 24/7 intelligent threat detection across the expanding attack surface of their industrial control systems (ICS).
Advanced Monitoring and Incident Response managed service adds dashboard visibility
Today, industrial companies require advanced cybersecurity skills and tools to detect and respond to cybersecurity threats and incidents. Honeywell’s AMIR managed service, built upon Honeywell’s vast experience and knowledge in security, industrial automation and safety, brings increased cybersecurity capabilities to an organization’s existing Security Operation Centers (SOCs) to strengthen OT cybersecurity across the enterprise.
Honeywell’s AMIR managed service provides robust threat detection, security monitoring, alerting, and incident response capabilities powered by industry-leading Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) capabilities, OT operational knowledge and industry best practices to improve cybersecurity posture. The service is vendor neutral, supporting both Honeywell and non-Honeywell assets on an ICS network.
The AMIR service is designed to help mitigate complex OT security incidents, threats and cyberattacks through incident response support provided by Honeywell security professionals. This information is provided via automated and immediate custom alerts, as well as routine trend reports. The addition of an enterprise 24/7 dashboard provides customers with increased visibility into incidents identified and active responses underway.
“AMIR helps fill a major security gap that many industrial customers currently face: the inability to monitor OT environments 24/7 and proactively detect and respond to evolving threats,” said Jeff Zindel, vice president and general manager, Honeywell OT Cybersecurity. “The addition of an AMIR dashboard offers customers enhanced visibility to know the status of identified incidents and the steps being taken by Honeywell OT cyber professionals to help respond to active threats.”
Cyber App Control
Cyber App Control, previously known as Application Whitelisting, is a vendor-agnostic cybersecurity solution suitable for both Honeywell and non-Honeywell control systems. It is designed to provide an additional layer of security that allows only known and trusted applications to run on ICS assets and increases a customer’s ability to prevent known malware and zero-day attacks on OT environments that often rely on more vulnerable legacy systems with challenging maintenance schedules. The impact of Cyber App Control on OT security is significant enough to be highly recommended by cybersecurity frameworks such as the National Institute of Standards and Technology (NIST).
Cyber App Control uses the latest software release from security specialist VMware Carbon Black, with special rules and configurations crafted specifically for OT environments, developed by Honeywell’s OT Cybersecurity Centers of Excellence and Innovation. The solution is deployed on-site by Honeywell’s experienced and certified OT cybersecurity engineers to ensure customer-specific needs are met.