Industrial cyber security improving, but needs work

Cyber attacks on industrial and critical infrastructure systems are increasing in number and sophistication, but more attention is being paid to security, says Honeywell at it opens new Dubai facility

The number and level of sophistication of cyber attacks in the industrial space is increasing, but there is a reciprocal increase in defence capability, according to Jeff Zindel, vice-president and general manager of Honeywell Industrial Cyber Security.

“The good news is that we are also seeing a dramatic increase in attention and focus on improving their cyber security posture and recognition for the need for cyber security across industrial operations,” he told Computer Weekly.

This is evidenced, said Zindel, by the fact that organisations are moving away from assessments and audits to implementing cyber security controls and mitigation capabilities.

“There is also growing use of Managed security services to complement their on-site capability and provide secure file transfers and software updates, as well as continuous monitoring,” he said.

However, he said that although there is a high level of awareness of the need for good cyber security in industrial operations, in many cases cyber security fundamentals are not yet in place.

A recent Honeywell-sponsored survey by LNS Research of 130 decision makers from industrial companies revealed that only 37% were monitoring their plant systems for suspicious behaviour and 20% are not conducting regular risk assessments.

“The survey also found that 53% said they had already experienced cyber security breach, but that is not surprising, given how young we are globally in cyber protection for critical infrastructure and industrial cyber security,” said Zindel.

“So while many organisations are embracing it, we are still in the relatively early stages, and still have some way to go,” he added.

To help organisations respond to the industrial cyber security threat, Zindel said Honeywell has a network of global cyber security centres of excellence (COEs) dedicated to improving industrial cyber security for critical infrastructure, information technology (IT) and operational technology (OT) convergence, and digital transformation, with the latest COE opening in Dubai.

The newly launched COE, at Honeywell’s Middle East headquarters, is aimed at strengthening regional cyber security preparedness for industrial and critical infrastructure. The centre contains distributed control systems, a physical plant process and the latest industrial cyber security software and systems.

Read more about industrial security

The centre also includes data analytics and networking equipment, and is led by a full-time operations team with deep industrial cyber security expertise and operational technology knowledge.

Built on experience from other COEs, Zindel said the centre in Dubai adds another level of training by providing a self-contained “tank room” for advanced cyber security training through attack simulations, with red and blue teams in an isolated industrial control system (ICS) and industrial environment network.

“This COE is the first of its kind in the Middle East dedicated to developing world-class industrial cyber security expertise for our customers in the region, enabling us to test security technologies and demonstrate process control network vulnerabilities and threats, train customers with real-time attack simulations, and provide advanced customer education and consultations,” he said.

Training the workforce is ‘crucial’, says expert

Honeywell said the COE in Dubai comes in support of regional government initiatives such as the Dubai Cyber Security Strategy, aiming to strengthen cyber security defences amid growing digital transformation across industries, and in support of the rapidly developing Middle East cyber security market. 

“As threats to industrial control environments become more sophisticated, it will be crucial to train the workforce of the industry for effective cyber security implementation,” said Safdar Akhtar, business development director of Industrial Cyber Security for Europe, Middle East and Africa (Emea) at Honeywell Process Solutions.

People are the key to operating technology through processes, so it is extremely important to provide training on how to work with the technology and especially how to apply it in following written processes, and the importance of training is one of the main reasons we built the COE because it is essential for successful cyber defence,” he said.

Globally and regionally, Akhtar said there is an urgent need to provide continual cyber security training for people on the ground, especially in the light of the global shortage of people with cyber security skills and talent in general and in the industrial and operational technology environments in particular.

The facilities, said Akhtar, will give organisations the opportunity to train as well as simulate and validate their cyber security systems in a safe, isolated environment. “We can not only help them to write policies and procedures, but also test various configurations against simulated attacks,” he added.

Launching the COE, the operations team showcased security software developed by Honeywell and some of its partners, followed by a demonstration of real-time cyber attack scenarios and the effectiveness of advanced cyber security controls.

Zindel said the COE provides a hub in the Middle East region to collect customer feedback and collaborate with global research and development teams to help develop software and systems for the region and global markets.

Read more on IT risk management