I asked PAS founder and CEO Eddie Habibi about his pivot to cybersecurity during our conversation this week. It’s not a pivot, he corrected me. Cybersecurity is a natural progression from all the work PAS has done since its founding.
(Read to the end to learn about further security threats.)
Fighting Cyber intrusions begins with data
“Cybersecurity starts with knowing everything in the system from level 0 forward. This creates a baseline for change management. (PAS product) Integrity had that already, so we built analytics, visualization, and reporting on top of it,” he added.
Everybody on OT side looking for diversified information, security is fundamental, know what you have, know your vulnerabilities, address them. Golden baseline, so you can manage change
Supply chain (reason PR firm reached out), If you have a six sigma process but if your suppliers don’t then you don’t have the full value. Cyber is the same way. If I know everything I need to do but if DCS vendor sends patch with malware, then I’m in trouble anyway.
PAS is seeing customers in sectors they’ve never worked in before. While once PAS was focused on working with one supplier, now it works with more than 80 different systems and brands.
I asked about corporate awareness and concern. Habibi said pressure is coming from boards of directors who are concerned about risk and liability. “I haven’t seen anything this serious for a long time. It’s as serious as safety was in the ‘90s.”
USB as a Threat
This was almost a #DUH moment when I saw the press release from Honeywell. USB media devices pose a significant and intentional cybersecurity threat to industrial control networks.
Raise your hand if you already knew that. However, Honeywell used a remote monitoring technology to document the threat.
Data derived from Honeywell technology called Secure Media Exchange used to scan and control USB devices at 50 customer locations showed that nearly half (44 percent) detected and blocked at least one file with a security issue. It also revealed that 26 percent of the detected threats were capable of significant disruption by causing operators to lose visibility or control of their operations.