Lifecycle Solutions & Services. Managed Industrial Cyber Security Services

Similar documents
CYBERVANTAGE MANAGED SECURITY SERVICES

Industrial Cyber Security. ICS SHIELD Top-down security for multi-vendor OT assets

Virtual Patching Solution: Increased Protection and Reduced Maintenance for Process Control Systems

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Process Solutions. Uniformance PHD. Product Information Note

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

Mark Littlejohn June 23, 2016 DON T GO IT ALONE. Achieving Cyber Security using Managed Services

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

Carbon Black PCI Compliance Mapping Checklist

Total Security Management PCI DSS Compliance Guide

ABB Ability Cyber Security Services Protection against cyber threats takes ability

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

Industrial Cyber Security. INDUSTRIAL CYBER SECURITY Safely embrace the digital age with advanced solutions and services to reduce cyber risk.

Cisco ASA 5500 Series IPS Edition for the Enterprise

CS 356 Operating System Security. Fall 2013

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION

T22 - Industrial Control System Security

Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT

Plant Security Services Protecting productivity in the digital era October

Process Solutions. Mobile Station. Product Information Note. Mobile, Connected and Safe. Benefits. Features & Specifications. Improve Operations

SECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS

Comprehensive Database Security

OneWireless Network Overview

SECURE MEDIA EXCHANGE. World s Strongest Industrial Cybersecurity Solution for USB Protection

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

ALTITUDE DOESN T MAKE YOU SAFE. Satcom Direct s Comprehensive Cyber Security Portfolio for Business Aviation

CYBERVANTAGE TM SECURITY CONSULTING SERVICES

Industrial Defender ASM. for Automation Systems Management

Cyber Security Solutions Mitigating risk and enhancing plant reliability

IC32E - Pre-Instructional Survey

Perimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN

Securing Industrial Control Systems

INSIDE. Integrated Security: Creating the Secure Enterprise. Symantec Enterprise Security

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group

McAfee Public Cloud Server Security Suite

McAfee Embedded Control

ANATOMY OF AN ATTACK!

Ensuring Desktop Central Compliance to Payment Card Industry (PCI) Data Security Standard

DEEP FREEZE CLOUD FOR HIPAA COMPLIANCE

ISO27001 Preparing your business with Snare

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Education Network Security

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak

SOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2

University of Pittsburgh Security Assessment Questionnaire (v1.7)

An ICS Whitepaper Choosing the Right Security Assessment

Continuous protection to reduce risk and maintain production availability

Symantec Client Security. Integrated protection for network and remote clients.

ClearPath OS 2200 System LAN Security Overview. White paper

Network Security: Firewall, VPN, IDS/IPS, SIEM

Simple and Powerful Security for PCI DSS

Presenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.

How do you track devices that have been approved for use? Are you automatically alerted if an unapproved device connects to the network?

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)

Potential Mitigation Strategies for the Common Vulnerabilities of Control Systems Identified by the NERC Control Systems Security Working Group

Daxko s PCI DSS Responsibilities

Mark Littlejohn June Improving ICS Cyber Security Consistency Using Managed Security Services

ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE

McAfee Embedded Control for Retail

Question 1: What steps can organizations take to prevent incidents of cybercrime? Answer 1:

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

Transforming Security from Defense in Depth to Comprehensive Security Assurance

External Supplier Control Obligations. Cyber Security

Protecting productivity with Industrial Security Services

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

NEXT GENERATION SECURITY OPERATIONS CENTER

Security Monitoring. Managed Vulnerability Services. Managed Endpoint Protection. Platform. Platform Managed Endpoint Detection and Response

Digital Wind Cyber Security from GE Renewable Energy

Protecting Against Online Fraud. F5 EMEA Webinar August 2014

RiskSense Attack Surface Validation for IoT Systems

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

NEN The Education Network

Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)

Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS

Practical SCADA Cyber Security Lifecycle Steps

locuz.com SOC Services

THE RISE OF GLOBAL THREAT INTELLIGENCE

Verizon Software Defined Perimeter (SDP).

Teradata and Protegrity High-Value Protection for High-Value Data

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege

Kaspersky Open Space Security

Secure Access & SWIFT Customer Security Controls Framework

Security Standards for Electric Market Participants

Lifecycle Performance Care Services. Bulletin 43D02A00-04EN

2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along

A Guide to Closing All Potential VDI Security Gaps

SECURING DEVICES IN THE INTERNET OF THINGS

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 5 Host, Application, and Data Security

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

QuickBooks Online Security White Paper July 2017

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud

CYBERSECURITY RISK LOWERING CHECKLIST

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

HALO IN ACTION COMPLIANCE DON T LET LEGACY SECURITY TOOLS HOLD UP PCI COMPLIANCE IN THE CLOUD. Automated PCI compliance anytime, anywhere.

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access

PROTECTION FOR WORKSTATIONS, SERVERS, AND TERMINAL DEVICES ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Process System Security. Process System Security

Cisco Secure Ops Solution

Altius IT Policy Collection

Transcription:

Lifecycle Solutions & Services Managed Industrial Cyber Security Services

Around the world, industrial firms and critical infrastructure operators partner with Honeywell to address the unique requirements of cyber security in process control environments. Honeywell s broad expertise encompasses automation assets and their integrated communication networks a distinct advantage in control system security.

Secure Industrial Control Systems and Mitigate Risk with Honeywell s Managed Industrial Cyber Security Services. With cyber security management tools specifically designed for the process control domain, Honeywell s suite of technology infrastructure services helps secure the various aspects of a customer s Distributed Control System (DCS). These services include an array of security defenses integrated to protect the network, workstations, applications, and process equipment. Supervising the operation of the DCS, Honeywell s sophisticated analysis and reporting solutions provide the insights needed to quickly ascertain the status of critical control system assets. This approach results in enhanced operating system security, stability and reliability, ultimately contributing to improved production and safety for complex industrial plant domains.

Best Practices for Managing Industrial Control System Security. With the rising threat of industry focused malware, your Industrial Control System (ICS) is vulnerable to attack, disruption and damage. Cyber attacks on plant automation systems have not only increased, but they have grown more sophisticated in recent years. From targeted information gathering and theft, to elimination of crucial data, these intrusions represent a real and present danger to plant productivity, reliability, and safety. For Industrial Sites, Vulnerabilities Can Include: Connections between the corporate IT network and Process Control Network (PCN) Unsecured access for maintenance or 3rd party contractors or vendors Removable media brought into the site including USB drives, external hard drives, and CD/DVDs, as well as laptops and smart phones Out-of-date malware signatures Obsolete or unpatched operating systems Inadequate firewall configurations Unauthorized network activity

Honeywell has developed a complete portfolio of Industrial Cyber Security products and services specific to the needs of your control network. These solutions form a cyber defense foundation and operate to safeguard both the business and human interests of the process control environment. Managed Industrial Cyber Security Services Protecting plant operations requires not only robust firewalls, but also additional security measures and defenses. Honeywell s Managed Industrial Cyber Security Services address the security of your ICS and plant assets and include: Secure Connection Secure, customer initiated communication tunnel for services. Honeywell s Managed Industrial Cyber Security solutions provide the services and information needed to reduce the risk of security breaches and manage the essential elements of your process control infrastructure. Intelligence Reporting Delivers insights into the operation and cyber security status of DCS components and the PCN. Continuous Monitoring and Alerting Provides 24/7 monitoring of system, network and cyber security performance and automated alerting against thresholds. Protection Management Provides Honeywell-tested and approved patches and anti-malware definitions. Perimeter and Intrusion Management Offers firewall support, and Intrusion Protection System (IPS) implementation and management.

Secure Connection Honeywell s Secure Connection is a secure, customer-initiated connection to Honeywell s Security Service Center (HSSC). It features a certificate-based, bi-directional, two-factor authentication process to create an encrypted tunnel, protecting data even through the site s corporate network. Honeywell s Secure Connection functions very much like a castle s drawbridge. If the site chooses to connect to Honeywell, the drawbridge can be lowered or raised, with the site retaining control of the connection. Honeywell can request, but not initiate a connection. When a site launches Honeywell s Secure Connection, an authenticated, encrypted Virtual Private Network (VPN) is established. This VPN can terminate solely at the HSSC. Only upon creation of a secure connection by the site, can Honeywell then communicate via the Secure Connection tunnel. Under complete site control, the Secure Connection features easy-to-configure security policies dictating the connection frequency to Honeywell s HSSC. Configuration as either an automatic or continuous connection enables the efficient sending of alert conditions for prompt attention. Manual connections, initiated solely by authorized site personnel, may alternatively be selected at any time. Secure Connection security policies can be set to allow the HSSC to view connected devices, including Experion control systems, on the site s PCN for faster identification of potential issues. Configuration can also be set to enable additional diagnostic routines should certain system problems be detected, providing more information on the root cause of an issue. All Secure Connections and actions are captured and recorded with a full, non-optional audit. Leveraging the non-optional audit trail, the Secure Connection can serve as a single point of access for third-party vendors and contractors if desired. Providing policy-based, controlled communications with a record of all actions, the Secure Connection can be a useful tool in tracking third-party activities. Honeywell HSSCs are the only termination points for Honeywell Secure Connect tunnels. Currently, there are centers in Europe and the U.S. for global support. These facilities have added physical and cyber security controls and monitoring in place for secure, encrypted, customer communications. Access is restricted to certificate-authenticated engineers and is tightly managed by Honeywell Service Center personnel. Intelligence Reporting Visibility into the cyber security environment of control networks is a critical element for an effective defense. A robust cyber security strategy requires not only deploying multiple defenses, but also monitoring the security conditions of the network itself. With more sophisticated attacks evading common detection processes, it is crucial to know individual network element trends in order to detect and respond to possible breaches. Honeywell s advanced intelligence technology transforms masses of system statistics into actionable trends. This powerful management reporting solution provides both critical site information and predictive hardware analysis, as well as details on current cyber security vulnerabilities and attacks.

Honeywell s Intelligence Reporting capabilities help you stay ahead of potential attacks and take quick protective action when needed. Our system currently provides both quarterly and weekly performance reports. Leveraging statistics presented by Honeywell s Secure Connection, the reports include summaries and charted trends of network and system events. The reports also identify degrading conditions, and predict hardware vulnerabilities. The information also functions as a key source of formatted compliance-related data, all streamlined for quick, timely assessments to improve site and network security, performance, and management. Reporting information provides highlighted parameters, trends, and number of events per device for fast scanning and identification of equipment issues and possible threats. Reported critical information includes: Alerts and availability conditions for controllers, workstations, and servers Failed log-in attempts and credentials Installation status of anti-malware and OS patches on servers, workstations, and systems Security-flagged conditions such as CPU degradation, increased network traffic, firewall status and conditions, and backup availability. Honeywell s Intelligence Reporting highlights system and network actionable information from masses of equipment and network statistics to help plants optimize PCN management and security. Continuous Monitoring and Alerting Modern automation systems monitor and manage manufacturing equipment to optimize production efficiency. But what watches these distributed control systems? A DCS typically includes routers, switches, controllers, and Windowsbased servers and workstations, all communicating on the process control network. Monitoring the PCN, including all attached devices, is crucial not only for process orchestration, but also for the security of the entire site. Compromised security opens a plant to modification of processes and production mixes, potentially affecting the quality of the produced product. These modifications, ultimately stemming from poor ICS security, can result in reduced plant output, unsaleable products, or even far worse consequences. Honeywell s Continuous Monitoring and Alerting monitors the performance and health conditions of the PCN including controllers, servers, and workstations. If an event is detected, or if thresholds are exceeded, an alert is automatically generated. The alert thresholds are different for each system and device to provide accurate and useable event information. Should an alert condition be detected, an email or SMS text alert message will automatically be sent to the contact (or contact alias) of the site 24/7 as part of the service. Additionally, alert messages may include attached troubleshooting techniques to help resolve the issue.

Protection Management All of Honeywell s Protection Management services include application testing on test bed systems emulating a customer s production environment. Testing and qualification of newly released patches and anti-malware files adds to system stability by identifying and restricting potential ICS conflicts before implementation on site. This helps take the worry out of updates, and customers are assured that installing Honeywell-approved releases will add to the reliability and security of their system. Honeywell s Industrial Secure Connection is used to provide automatic, encrypted delivery of all patches and anti-malware files. This method is designed to reduce the potential for tampering, contamination, or modification of files from email transmissions or compromised hand-carried media. Malware Protection Formerly known as anti-virus programs, applications such as McAfee and Symantec are a critical piece of control system defense. These applications function to identify and block harmful code from running on Microsoft Windows operating systems, and work in conjunction with signature files identifying specific viruses, worms, spyware, and trojans. It is imperative that anti-malware programs remain up-to-date; each and every workstation and server should employ the latest release of malware signature files to help prevent intentional failures or deliberate application malfunction of the PCN. A single unprotected piece of hardware has the potential to spread malware and jeopardize other networked devices, with some malware enabling backdoors for unauthorized access to the system. Malware can also include root kits to hide in an operating system to escape detection. Honeywell s Protection Management service includes qualified anti-malware files with encrypted delivery to ensure signatures have not been compromised or contaminated. Installation of current, Honeywellapproved signatures will help keep malware and its potential effects out of the ICS.

Operating System Patch Management Operating System (OS) patch software is necessary to update a computer s program to fix problems, or more frequently, to close discovered security vulnerabilities. These vulnerabilities are akin to an open door that allows malware to enter. Patch installation closes this door and complements anti-malware programs. Suppliers of operating systems such as Microsoft Windows release patch updates for their software. Too often, however, patch installation takes a lower priority at industrial sites due to time and personnel constraints. Additional planning to accommodate the occasional dreaded reboot is also required. Nevertheless, installation of these patches helps block multiple malware vulnerabilities to reduce system breaches, prevent unauthorized shutdowns, and keep control systems operating properly. Control System Patch Management Honeywell DCS updates are custom-built and based on each site s configuration. Our industrial controls experts determine the specific software needed for each customer location, and only that selected software is sent. This custom software load has no extraneous elements or unnecessary code. The result is a reduced cyber attack profile, and improved system efficiency, reliability, and security. Optional On-Site Patch Deployment On-site patch installation service is available from Honeywell using our technical field experts. Coordinating with site operations, Honeywell technicians will manually patch the designated PCN with the latest tested and approved software releases. Honeywell extensively qualifies all operating system patches on custom test beds before release to our customers. This non-trivial approach is done so that there are no unexpected control system consequences as a result of a patch installation. Additionally, file integrity is maintained through encrypted Secure Connection delivery. These enhancements support continued process stability and production at plant facilities.

Perimeter and Intrusion Management Protecting the productivity, reliability, and safety of the plant is of paramount importance. Firewalls are the first line of defense to keep unwanted traffic and potential attackers out of the ICS network. With improved processing speeds and reduced latency, today s high-performance firewalls can now also be deployed between process control levels or zones as additional defensive elements around the process equipment core. An Intrusion Prevention System (IPS) complements firewalls by examining traffic that has made it onto the internal network. It analyzes both the data packets and the network traffic flow and compares these to the patterns, or signatures, commonly seen with malware. Utilizing sophisticated behavior analysis, an IPS monitors and protects the internal network from malware or attacks that may have been well hidden in other legitimate applications. Ideally, firewalls and Intrusion Prevention Systems should be used together to block and remove security threats from process control networks. It is important to remember that firewalls and IPS technology only work well when properly configured and consistently maintained. Honeywell s Perimeter & Intrusion Management expertise provides the appropriate configurations, custom definitions, and ongoing monitoring required for the industrial manufacturing environment adding real security to plant systems and operations. Honeywell-managed firewalls and Intrusion Prevention Systems form a critical barrier, functioning to secure key areas and strengthen ICS defenses. Firewalls, IPS, anti-malware, and patches each have different protection approaches, and Honeywell strongly recommends that all four be deployed and kept up-to-date for optimum PCN protection. Benefits of Honeywell s Managed Industrial Cyber Security Services Honeywell s Managed Industrial Cyber Security Services combine leading engineering analysis with the industrial expertise essential in process control environments. Leveraging an encrypted Secure Connection, the services provide Protection Management, Continuous Monitoring and Alerting, Intelligence Reporting, and Perimeter and Intrusion Management. Additionally, Honeywell s system and security professionals offer the experience and expertise you can rely on to assist you in managing your site s cyber security and system requirements. Honeywell s Managed Industrial Cyber Security Services are designed to provide the requisite tools, services, and solutions needed to lower the risk of security breaches and improve the management of your PCN. With Honeywell s Managed Industrial Cyber Security Services, industrial organizations and critical infrastructure sites can achieve unparalleled visibility and control into the system and cyber security conditions of their control network infrastructure.

Additional Honeywell Products and Services Honeywell provides a full range of products and services to help customers manage and secure their industrial control systems. Leveraging our industry leading process control and cyber security experience, our expertise, and technology, Honeywell delivers proven cyber security solutions designed for the specific needs of process control environments. Our cyber security solutions include secure architecture analysis, design and optimization, security assessments and audits, policy development, operational security controls and training, network security, endpoint protection, and response and recovery services. These solutions help protect the availability, safety and reliability of industrial control systems and plant operations. Honeywell Industrial Cyber Security Solutions Response & Recovery Situational Awareness Assessments & Audits PEOPLE PROCESS TECHNOLOGY Architecture & Design Network Security Endpoint Protection

For More Information To learn more about Honeywell s Managed Industrial Cyber Security Services, visit www.becybersecure.com or contact your Honeywell account manager. Honeywell Process Solutions Honeywell 1250 West Sam Houston Parkway South Houston, TX 77042 Honeywell House, Arlington Business Park Bracknell, Berkshire, England RG12 1EB Shanghai City Centre, 100 Junyi Road Shanghai, China 20051 www.honeywellprocess.com BR-14-17-ENG October 2014 2014 Honeywell International Inc.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback