Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
Achieving Cyber Security using Managed ServicesDON’T GO IT ALONEMark Littlejohn
June 23, 2016
Honeywell Confidential - © 2016 by Honeywell International Inc. All rights reserved.
Speaker: Mark Littlejohn
Mark is an industrial technology professional with over 30 years of
experience in the field of cyber security. He has assisted numerous
Fortune 500 companies in improving their security infrastructure
through assessing organizational risk, establishing strategic security
goals, and implementing sound technical solutions.
Mark previously served as Chief Information Security Officer for a
major petroleum manufacturer where his responsibilities included
regulatory compliance and the implementation of security for critical
controls systems. Mark currently leads Honeywell’s Managed
Industrial Cyber Security team which is responsible for providing real-
time monitoring and cyber security solutions to hundreds of
petroleum, chemical and manufacturing and customers.
1
Mark.Littlejohn@ Honeywell.com
Honeywell Confidential - © 2016 by Honeywell International Inc. All rights reserved.
Industry-Leading Industrial Cyber Security
Proven and Trusted
2
• 100+ certified Industrial
Cyber Security experts
• Global team
• 100% dedicated to
Industrial Cyber Security
• Experts in process control
cyber security
• Leaders in security
standards ISA99 /
IEC62443 / NIST
• 10+ years industrial cyber
security
• 1,000+ successful industrial
cyber projects
• 350+ managed industrial
cyber security sites
• Proprietary cyber security
methodologies and tools
• Largest R&D investment
in industrial cyber security
• Strategic partnerships with
leading cyber security
product vendors
• Multi vendor solutions
• Industry first Cyber Security
Risk Manager
• State of art Industrial Cyber
Security Solutions Lab
ProvenExperience
Investment and Innovation
Industrial CyberSecurity Experts
Honeywell Confidential - © 2016 by Honeywell International Inc. All rights reserved.
• Industrial Cyber Security Vulnerability & Risk Assessments
• Network & Wireless Assessments
• Cyber Security & Compliance Audits
• Policy and Procedures Development
• Firewall, Next Gen FW
• Intrusion Detection & Prevention (IDS/IPS)
• Access Control
• Industrial Patching & Anti-Virus
• End Node Hardening
• Portable Media/Device/USB Security
• Continuous Monitoring
• Compliance & Reporting
• Cyber Security Risk Manager
• Industrial Security Information& Event Management (SIEM)
• Cyber Security Awareness & Training
• Current State Analysis
• Secure Design and Optimization
• Zone & Conduit Separation
• Backup and Recovery
• Incident Response Planning
• Incident Response:On Site & Remote
• Forensics & Analysis
Solutions Addressing Cyber Security End to End
3
Honeywell Confidential - © 2016 by Honeywell International Inc. All rights reserved.
Managed Industrial Cyber Security Services
Monitoring, Reporting and Honeywell Expert Support
4
Patch and Anti-Virus Automation
Security and Performance Monitoring
Activity and Trend Reporting
Advanced Monitoring and Co-Management
Secure Access
Tested and
qualified patches
for operating
systems & DCS
software
Tested and
qualified anti-
malware
signature file
updates
Comprehensive
system health &
cybersecurity
monitoring
24x7 alerting
against
predefined
thresholds
Monthly or
quarterly
compliance &
performance
reports
Identifying
critical issues
and chronic
problem areas
Honeywell
Industrial Cyber
Security Risk
Manager
Firewalls,
Intrusion
Prevention
Systems, etc.
Highly secure
remote access
solution
Encrypted,
two factor
authentication
Complete
auditing:
reporting &
video playback
Honeywell Confidential - © 2016 by Honeywell International Inc. All rights reserved.
Patch and Anti-Virus AutomationBenefits
Automated, secure transfer of update filesHoneywell tested and qualified on equivalent releaseMaintains integrity of files through Secure Connection’s encrypted file transfer
Avoids file modification risk via transfers by email or portable media
Reduces delays required to obtain current files and patches
•Provides a local source of current, qualified patches for installation•Central management reduces manual, administrative work
Prevent Exploits, Infections and Application Malfunction
5
Patch Automation
• Microsoft WSUS and Experion
Patch Automation
Anti-Virus Automation
Anti-Virus Automation
• McAfee or Symantec
Honeywell Confidential - © 2016 by Honeywell International Inc. All rights reserved.
Managed Industrial Cyber Security Services
Monitoring, Reporting and Honeywell Expert Support
6
Patch and Anti-Virus Automation
Security and Performance Monitoring
Activity and Trend Reporting
Advanced Monitoring and Co-Management
Secure Access
Tested and
qualified patches
for operating
systems & DCS
software
Tested and
qualified anti-
malware
signature file
updates
Comprehensive
system health &
cybersecurity
monitoring
24x7 alerting
against
predefined
thresholds
Monthly or
quarterly
compliance &
performance
reports
Identifying
critical issues
and chronic
problem areas
Honeywell
Industrial Cyber
Security Risk
Manager
Firewalls,
Intrusion
Prevention
Systems, etc.
Highly secure
remote access
solution
Encrypted,
two factor
authentication
Complete
auditing:
reporting &
video playback
Honeywell Confidential - © 2016 by Honeywell International Inc. All rights reserved.
What is monitored
Windows and 3rd Party Nodes
ControllersNetwork devices
Experion Nodes
Performance Analyzers for 550+ Critical parameters
TPS
Safety Manager
Virtualization
Honeywell Confidential - © 2016 by Honeywell International Inc. All rights reserved.
Managed Industrial Cyber Security Services
Monitoring, Reporting and Honeywell Expert Support
8
Patch and Anti-Virus Automation
Security and Performance Monitoring
Activity and Trend Reporting
Advanced Monitoring and Co-Management
Secure Access
Tested and
qualified patches
for operating
systems & DCS
software
Tested and
qualified anti-
malware
signature file
updates
Comprehensive
system health &
cybersecurity
monitoring
24x7 alerting
against
predefined
thresholds
Monthly or
quarterly
compliance &
performance
reports
Identifying
critical issues
and chronic
problem areas
Honeywell
Industrial Cyber
Security Risk
Manager
Firewalls,
Intrusion
Prevention
Systems, etc.
Highly secure
remote access
solution
Encrypted,
two factor
authentication
Complete
auditing:
reporting &
video playback
Honeywell Confidential - © 2016 by Honeywell International Inc. All rights reserved.
System State Overview Reports
9
Honeywell Confidential - © 2016 by Honeywell International Inc. All rights reserved.
Managed Industrial Cyber Security Services
Monitoring, Reporting and Honeywell Expert Support
10
Patch and Anti-Virus Automation
Security and Performance Monitoring
Activity and Trend Reporting
Advanced Monitoring and Co-Management
Secure Access
Tested and
qualified patches
for operating
systems & DCS
software
Tested and
qualified anti-
malware
signature file
updates
Comprehensive
system health &
cybersecurity
monitoring
24x7 alerting
against
predefined
thresholds
Monthly or
quarterly
compliance &
performance
reports
Identifying
critical issues
and chronic
problem areas
Honeywell
Industrial Cyber
Security Risk
Manager
Firewalls,
Intrusion
Prevention
Systems, etc.
Highly secure
remote access
solution
Encrypted,
two factor
authentication
Complete
auditing:
reporting &
video playback
Honeywell Confidential - © 2016 by Honeywell International Inc. All rights reserved.
Secure Remote Access
11
• Highly Secure
- Individual accounts must be added to site and authorized
for specific devices
- Two-factor authentication required to access gateway
- Request for access must be submitted and approved for
each session
- Screen sharing allows monitoring of all activity
- Access can be disabled at any time
• Exceptional Audit Capabilities
–Comprehensive, detailed reporting of all activity
–Audits logs stored in two isolated locations
–Video recording and playback available
Honeywell Confidential - © 2016 by Honeywell International Inc. All rights reserved.
Honeywell Security Service Center (SSC)
Amsterdam
Houston
12