Honeywell dashboard protects refineries and power plants from cyber attacks
April 28, 2015
Texas-based Honeywell Process Solutions has introduced a digital dashboard to monitor, measure and manage cyber security risk for control systems for refineries, power plants and other automated production sites throughout the world.
The Honeywell Industrial Cyber Security Risk Manager is designed to simplify the task of identifying areas of cyber security risk, providing real-time visibility, understanding and decision support required for action. It monitors and measures cyber security risk in multi-vendor industrial environments.
The threat of cyber attacks on industrial targets is a major concern according to a global survey on cyber security conducted by Ipsos Public Affairs in September 2014 on behalf of Honeywell. More than 5000 adults in ten countries were surveyed about the threat of cyber attacks on critical industries in their countries. Three quarters of respondents said they were fearful that cyber criminals could hack into and control major sectors and elements of the economy. Two-thirds of those surveyed thought the oil, gas, chemicals and power industries were particularly vulnerable to cyber attacks.
“Industrial processors are increasingly challenged to understand their cyber security risks,” said Jeff Zindel, Honeywell’s global business leader for cyber security. “And many times, they don’t know what to do with the data they are provided or what to do if an incident occurs. Risk Manager changes that. It gives guidance on the potential impact of threats and vulnerabilities as well as possible resolutions, making it easier to manage cyber security risks.”
Risk Manager uses technologies that translate complex cyber security indicators into clear measurements and key performance indicators, and provides information through an easy-to-use interface. The intuitive workflow allows users to create customised risk notification alerts and perform detailed threat and vulnerability analysis so they can focus on managing risks that are most important for reliable plant operations.
“Industrial facilities have clearly become targets for cyber attacks,” said Sid Snitkin, vice president of the Arc Advisory Group. “Safety and operational continuity demand a clear understanding of these serious, dynamic risks and a programme to ensure that they remain within acceptable levels. While most organisations recognise this need, operational people often lack the expertise to properly assess and manage cyber risks. So, we applaud Honeywell’s development of the Industrial Cyber Security Risk Manager. From what we’ve seen, it is a comprehensive, yet understandable, solution that should meet the needs of operational, automation and manufacturing IT personnel.”
Honeywell has included proprietary cyber protection software for more than ten years with its process automation products, including Experion process controls, which are used at industrial sites such as refineries, chemical plants, gas processing units, power plants, mines and mills around the world. During that time, the Honeywell Industrial Cyber Security group has delivered more than 1000 industrial cyber security projects globally.
“With Risk Manager, industrial customers don’t need to be cyber security experts,” said Zindel. “The easy-to-use interface allows users to prioritise and focus efforts on managing risks that are most important for reliable plant operations, protecting against vulnerabilities and threats such as insecure network and system configurations, rogue devices, intrusion attempts, malware, and the list goes on.”
Risk Manager monitors plant assets within and across all security zones of a plant, including third-party systems. By understanding security zones, it is aligned with ISA 62443 and is able to calculate accurate risk scores. Its real-time measurement of risk is in line with industry standard risk management methodologies so that risk scores can be used consistently and accurately throughout a corporation’s risk and governance efforts.