by Gary Mintchell | Sep 21, 2023 | Edge, Manufacturing IT, Operations Management, Security
Paul Simon wrote that it’s all happening at the zoo. Today, it’s all happening at the edge. ATT Cybersecurity has released its 2023 AT&T Cybersecurity Insights Report: Edge Ecosystem focusing on manufacturing companies worldwide. It explains how edge computing is changing manufacturing to solve operational issues and reduce costs. This report reveals what your peers are planning and doing to embrace edge computing.
The lead and author of the report, Head of Cybersecurity Evangelism at AT&T Business Theresa Lanowitz, states, “In the past, IT typically made technology decisions based on business and computing requirements they understood. Thanks to ongoing advances in computing, things are changing.”
She contends Edge computing is a transformative technology that brings together various stakeholders and aligns their interests to drive integrated business outcomes. The emergence of edge computing has been fueled by a generation of visionaries who grew up in the era of smartphones and limitless possibilities. In this paradigm, the role of IT has shifted from being the sole leader to a collaborative partner in delivering innovative edge computing solutions. In addition, we found that leaders in manufacturing are budgeting differently for edge use cases. These two things, along with an expanded approach to securing edge computing, were prioritized by the respondents in the 2023 AT&T Cybersecurity Insights Report: Edge Ecosystem.
Topline research findings
In 2023, the manufacturing respondents’ primary edge use case is smart warehousing, which involves deploying computing resources close to or on the warehouse floor. The enhanced productivity of warehouse employees, flexible logistics, and better optimization of warehouse space are some benefits of edge computing. This represents a shift from the primary use case in the 2022 AT&T Cybersecurity Insights Report: Securing the Edge, which focused on video-based quality inspection as the primary manufacturing edge computing use case.
Press releases concerning warehousing and logistics up and downstream constituted the majority of my inbox for the past few years. Looks like this is reflected in the research.
As manufacturing has evolved, the need for efficiency and speed is focused on moving goods out of warehouses and onto the next stop of either consumption or integration. The rising cost of labor and customer expectations for next-day or same-day deliveries drive the need for greater investments in rapidly understanding which products are most likely needed to fulfill a sales pipeline or supply chain.
This is AT&T Cybersecurity, after all, so it cites following cybersecurity challenges with the edge:
- Potentially more vulnerable data – especially when such devices are at risk of being stolen, lost or damaged.
- Legacy 4G threats, when the increased use of sensors and cameras on a production line can benefit from 5G capabilities and its enhanced encryption.
- Concerns regarding regulatory compliance, specifically when personally identifiable information (PII) is being transferred from the edge site to a different location.
by Gary Mintchell | Sep 19, 2023 | Enterprise IT, Manufacturing IT, Operations Management, Security
- State-affiliated Groups Responsible for nearly 60%
- 60% of incidents result in operational disruption, driving the need for proactive OT defenses and incident response
The topics of this time are Cybersecurity, Sustainability, and Workforce with the impact of AI playing on all three. This news from Rockwell Automation focuses on Cybersecurity. It has released a report on an in-depth study of the topic by Cyentia Institute. The report is comprehensive deserving of a thorough read.
Rockwell Automation announced the findings of its report “Anatomy of 100+ Cybersecurity Incidents in Industrial Operations.” The global study conducted by Cyentia Institute analyzed 122 cybersecurity events that included a direct compromise of operational technology (OT) and/or industrial control system (ICS) operations, collecting and reviewing nearly 100 data points for each incident.
Don’t think you are immune from global politics. Unfortunately.
The first edition of the report finds nearly 60% of cyberattacks against the industrial sector are led by state-affiliated actors and often unintentionally enabled by internal personnel (about 33% of the time). This corroborates other industry research showing OT/ICS security incidents are increasing in volume and frequency, and are targeting critical infrastructure, such as energy producers.
“Energy, critical manufacturing, water treatment and nuclear facilities are among the types of critical infrastructure industries under attack in the majority of reported incidents,” said Mark Cristiano, commercial director of Global Cybersecurity Services at Rockwell Automation. “Anticipating that stricter regulations and standards for reporting cybersecurity attacks will become commonplace, the market can expect to gain invaluable insights regarding the nature and severity of attacks and the defenses necessary to prevent them in the future.”
- OT/ICS cybersecurity incidents in the last three years have already exceeded the total number reported between 1991-2000.
- Threat actors are most intensely focused on the energy sector (39% of attacks) – over three times more than the next most frequently attacked verticals, critical manufacturing (11%) and transportation (10%).
- Phishing remains the most popular attack technique (34%), underscoring the importance of cybersecurity tactics such as segmentation, air gapping, Zero Trust and security awareness training to mitigate risks.
- In more than half of OT/ICS incidents, Supervisory Control and Data Acquisition (SCADA) systems are targeted (53%), with Programmable Logic Controllers (PLCs) as the next-most-common target (22%).
- More than 80% of threat actors come from outside organizations, yet insiders play an unintentional role in opening the door for threat actors in approximately one-third of incidents.
In the OT/ICS incidents studied, 60% resulted in operational disruption and 40% resulted in unauthorized access or data exposure. However, the damage of cyberattacks extends beyond the impacted enterprise, as broader supply chains were also impacted 65% of the time.
The research indicates strengthening the security of IT systems is crucial to combatting cyberattacks on critical infrastructure and manufacturing facilities. More than 80% of the OT/ICS incidents analyzed started with an IT system compromise, attributed to increasing interconnectivity across IT and OT systems and applications. The IT network enables communication between OT networks and the outside world and acts as an entryway for OT threat actors. Deploying proper network architecture is critical to strengthening an organization’s cybersecurity defenses. It is no longer enough to simply implement a firewall between IT and OT environments. Because networks and devices are connected daily into OT/ICS environments, this exposes equipment in most industrial environments to sophisticated adversaries. Having a strong, modern OT/ICS security program must be a part of every industrial organization’s responsibility to maintain safe, secure operations and availability.
Methodology
For this report, Rockwell Automation commissioned the Cyentia Institute to analyze data from 122 cybersecurity events across the globe, which occurred from 1982-2022. The Cyentia Institute’s team collected and analyzed nearly 100 data points surrounding individual incidents involving the direct compromise or disruption of OT/ICS systems. The resulting report was developed to share instructive insights about actual OT/ICS cybersecurity attack activity.
The Cyentia Institute is a research and data science firm dedicated to the mission of advancing knowledge in the cybersecurity industry. We accomplish this by partnering with a variety of organizations to perform comprehensive data analysis and publish high-quality, data-driven research.
by Gary Mintchell | Sep 1, 2023 | Security
- • SCADAfence will integrate into the Honeywell Forge Cybersecurity+ suite providing expanded asset discovery, threat detection, and compliance management capabilities.
- SCADAfence extends Honeywell’s OT cybersecurity portfolio to build upon its comprehensive professional services, managed security services, and software solutions.
With the announcement of this major cybersecurity acquisition, Honeywell communications offered me the opportunity to talk with Michael Ruiz, the new VP/GM Cyber Innovation.
He joined in January, tasked with moving cybersecurity from services to a comprehensive product/services offering to offer more complete solutions for customers. Honeywell has had a strong but not necessarily cohesive solution across the various parts of the company—industrial, building, and aerospace. Evaluating companies across the cyber ecosystem and evaluating make vs. buy, the team saw the opportunity to acquire SCADAfence and it looked like a great fit.
I’m sure that history had much to do with the divisional structure within the conglomerate. The development of Honeywell Connect as a concentrated software arm of the company only a few years ago has enabled this sort of cross-industry thinking. Every domain has cyber issues. Gathering these together under one portfolio should provide a comprehensive and collaborative product/service portfolio.
Notes from the news release:
Honeywell announced July 10 it has agreed to acquire SCADAfence, a leading provider of operational technology (OT) and Internet of Things (IoT) cybersecurity solutions for monitoring large-scale networks. SCADAfence brings proven capabilities in asset discovery, threat detection and security governance which are key to industrial and buildings management cybersecurity programs.
The SCADAfence product portfolio will integrate into the Honeywell Forge Cybersecurity+ suite within Honeywell Connected Enterprise, Honeywell’s fast-growing software arm with strategic focus on digitalization, sustainability and OT cybersecurity SaaS offerings and solutions. This integration will enable Honeywell to provide an end-to-end enterprise OT cybersecurity solution to site managers, operations management and CISOs seeking enterprise security management and situational awareness. The acquisition strengthens existing capabilities in cybersecurity and bolsters Honeywell’s high-growth OT cybersecurity portfolio, helping customers operate more securely, reliably and efficiently.
SCADAfence is headquartered in Tel Aviv, Israel and will expand Honeywell’s Cybersecurity Center of Excellence in Tel Aviv. Honeywell has been implementing OT cybersecurity solutions for more than twenty years, delivering thousands of projects in over 130 countries with more than 500 employees worldwide focused specifically on OT cybersecurity.
The transaction is now complete.
by Gary Mintchell | Jun 29, 2023 | Enterprise IT, Operations Management, Security
Laminar Announces AWS Built-in Solution for Data Security
Here is a little IT news. A start up I’ve not heard about before, Laminar, has built a data security platform working with the large cloud providers. It has recently published two announcements.
The first announcement reveals it has worked with Amazon Web Services (AWS) to complete an AWS built-in co-build solution that automatically installs, configures, and integrates with native AWS Cloud Foundational Services across multiple domains such as identity, security, and operations.
Laminar is a member of the AWS Partner Network (APN) that built their software solution to include foundational AWS services like AWS CloudTrail, AWS Control Tower, and AWS Organizations to decrease risk, reduce operational overhead, and provide consistent observability in cloud environments. Utilizing a well-architected Modular Code Repository (MCR) that is both validated by AWS and designed specifically to add value to a partner solution, Laminar is equipped to help customers achieve their goals for scale, simplicity, and cost savings.
“By utilizing an AWS built-in co-build solution with the Laminar Data Security Platform, organizations will be able to gain the visibility and control needed to continue cloud data growth across AWS services while keeping it protected,” said Amit Shaked, CEO and co-founder, Laminar.
Laminar’s AWS built-in solution comes built in with AWS CloudTrail, making it easier for customers to discover, classify, secure, and monitor their sensitive data in the cloud. By processing CloudTrail logs, Laminar provides automated data detection and response (DDR) – alerting customers to real-time threats to their data and streamlining quick remediation. Laminar also helps identify the root cause of the data threat with event timelines and data access flowcharts.
The news is the latest development in Laminar’s deepening relationship with AWS. The company was also selected to be a launch partner for Amazon Security Lake at AWS re:Invent last November. Furthermore, Laminar’s platform was the first pure-play data security posture management (DSPM) to be named an AWS Security Competency Partner in the new Data Protection category, and has received the Amazon Relational Database Service (RDS) Ready Product Designation.
Laminar Announced as Launch Partner for Wiz Integration (WIN) Platform
Laminar announces its partnership with leading cloud security provider, Wiz as the company unveils Wiz Integration (WIN) Platform. Laminar, hand selected as a launch partner, brings the power of the Laminar Data Security Platform to WIN, to improve customer understanding of how cloud vulnerabilities may put their sensitive data at risk.
The integration between Wiz and Laminar optimizes the value of both platforms while enabling organizations to more efficiently and effectively secure their public cloud environments. With this integration, data security teams can use the Laminar Platform to secure overexposed and unprotected data, remediate misplaced data, and delete any redundant, obsolete, or trivial (ROT) data — which ultimately ensures a more secure, hygienic data environment that meets compliance requirements. Pairing all of this data security posture with the Wiz platform allows cloud security teams to better understand how to prioritize cloud infrastructure vulnerabilities.
WIN enables Wiz and Laminar to share prioritized security findings with context including inventory, vulnerabilities, issues, and configuration findings. Mutual customers receive the following benefits:
- Prevent Sensitive Data Exposure – Laminar enriches Wiz with a layer of data context that gives organizations additional visibility into the full impact of each attack path and issues.
- Ruthless Prioritization – In collaboration with Laminar, Wiz enables infrastructure security teams to focus on issues that impact highly sensitive data first.
- Streamline Collaboration and Remediation Workflows – With the joint solution, data security and infrastructure teams share data with a common view to contain and remediate risk faster.
WIN is designed to enable a cloud security operating model where security and cloud teams work collaboratively to understand and control risks across their CI/CD pipeline. Wiz is setting the industry standard in integrated solution strategy to maximize operational capabilities of organizations with partners like Laminar in WIN.
by Gary Mintchell | May 25, 2023 | News, Security
I’m still catching up from the flurry of press releases in April and early May. This one from Hexagon Asset Lifecycle Intelligence and from the PAS group they acquired a couple of years ago. The new version is PAS Cyber Integrity 7.3. Updates include:
- Delivering an enterprise-wide, holistic image of multiple risk domains with a clear understanding of vulnerabilities and enhanced risk-based decision-making
- Utilizing proprietary risk scoring to rapidly identify risks in the environment of greatest concern while simultaneously considering the vulnerabilities and patching level of various assets
- Precisely identifying systems at risk of penetration or exploit and providing meaningful and actionable data regarding risk level, vulnerabilities for remediation and the associated patches and upgrade paths providing the highest value
- Prioritizing risk-reducing and vulnerability remediation activities that shrink the attack surface and quickly providing paths that reduce the greatest risk, with the least amount of effort
by Gary Mintchell | May 24, 2023 | Manufacturing IT, Operations Management, Security
Honeywell began sending press releases about things called Forge and Connect and Connected Enterprise in 2019. I was puzzled. Then came the pandemic making contact and conversations difficult. I think this was much like initiatives from a few other former automation companies now trying to become software companies—they had some ideas and appointed some GMs, but they were feeling their way forward, as well.
I was confused again this month. There was registration for something called Honeywell Connect, and then pre-brief for Honeywell Connect (for which I never received a link) and then for Honeywell User Group (HUG). I registered for so many things, I wasn’t sure what was next. Then there’s the issue that HUG is in Orlando—and I’m tired of going to Orlando and supporting Florida.
Yesterday was Honeywell Connect—a series of announcements from the Honeywell Connected Enterprise group. The big announcement that concerns me follows. HUG follows June 19 for the process systems group. That one is live. As it stands now, I’ll be there. If you’d like to connect and give me your thoughts on using all this new technology or where AR/VR is going, ping me at [email protected].
The big news from Connect is the release of Cyber Insights for operational technology applications. Its focus is improving the availability, reliability and safety of their industrial control systems and operations. Cyber Insights is designed to integrate information from multiple OT data sources in order to provide a customer with actionable insights into their facility’s cybersecurity vulnerabilities, threats and compliance, thereby helping reduce their overall cybersecurity risks.
Cyber Insights brings a tailored approach by providing a purpose-built cybersecurity solution for OT environments and users. It is designed to offer a site-level view of a facility’s cybersecurity posture and provide insights into security events, vulnerabilities, active threats and to manage compliance. Cyber Insights can help organizations strengthen their cyber resilience and respond faster to incidents through access to critical information at the right time.
Cyber Insights is pre-configured for OT use, with already available customization options designed to address certain needs specific to different industrial environments, while being vendor agnostic so that it can deployed on Honeywell control systems as well as many other systems. It is also deployed, supported and maintained by Honeywell Cyber Care services during the applicable subscription license term to help customers maintain continuous tuning and optimization as required for any system to run in peak form.
