I asked PAS founder and CEO Eddie Habibi about his pivot to cybersecurity during our conversation this week. It’s not a pivot, he corrected me. Cybersecurity is a natural progression from all the work PAS has done since its founding.
(Read to the end to learn about further security threats.)
Fighting Cyber intrusions begins with data
“Cybersecurity starts with knowing everything in the system from level 0 forward. This creates a baseline for change management. (PAS product) Integrity had that already, so we built analytics, visualization, and reporting on top of it,” he added.
Everybody on the OT side is looking for diversified information. Security is fundamental: know what you have, know your vulnerabilities, and address them. A golden baseline lets you manage change.
Supply chain was the reason the PR firm reached out. If you have a Six Sigma process but your suppliers don’t, then you don’t get the full value. Cyber is the same way: if I know everything I need to do but a DCS vendor sends a patch with malware, then I’m in trouble anyway.
PAS is seeing customers in sectors they’ve never worked in before. While once PAS was focused on working with one supplier, now it works with more than 80 different systems and brands.
I asked about corporate awareness and concern. Habibi said pressure is coming from boards of directors who are concerned about risk and liability. “I haven’t seen anything this serious for a long time. It’s as serious as safety was in the ‘90s.”
USB as a Threat
This was almost a #DUH moment when I saw the press release from Honeywell. USB media devices pose a significant and intentional cybersecurity threat to industrial control networks.
Raise your hand if you already knew that. However, Honeywell used a remote monitoring technology to document the threat.
Data derived from Honeywell technology called Secure Media Exchange, used to scan and control USB devices at 50 customer locations, showed that nearly half (44 percent) detected and blocked at least one file with a security issue. It also revealed that 26 percent of the detected threats were capable of significant disruption by causing operators to lose visibility or control of their operations.
The era of improving plant performance and profitability through efficiency—that is by cutting costs—is over. So stated Emerson Automation Solutions executive president Mike Train while kicking off the 2017 edition of Emerson Global Users Exchange in Minneapolis.
“The past 30 years have brought us fantastic advances in the manufacturing sector, including greater operating efficiencies enabled by automation,” said Train. “But the incremental benefits gained are diminishing. The pressure is on industry leaders to take the next step to the game-changing performance made possible by digitally empowering the workforce.”
Emerson has researched industry performance and drawn a profile of Top Quartile industry performers, those in the top 25 percent of performance among their peers. It has identified five essential competencies as critical to realizing the value of “digital transformation”:
• Automated Workflow: Eliminate repetitive tasks and streamline standard operations to focus personnel on exceptions and other opportunities that require human intervention
• Decision Support: Leverage analytics and embedded expertise to provide actionable insights that reduce complexity and enable higher quality, faster decision-making
• Workforce Upskilling: Identify approaches that empower workers to acquire knowledge or experience faster and more effectively, to support higher-level and collaborative decision-making
• Mobility: Provide secure, on-demand access to information and expertise regardless of location, enabling collaborative workflows
• Change Management: Combine strategies, processes, tools and expertise that, in the right combination, simplify and accelerate the institutionalization of operational best practices
As always, this is a huge customer conference. There is abundant energy. Informal networking occurred all over the place. At this time, Emerson is the most vibrant of the companies in this area. It’ll be interesting to watch how, or if, business continues to grow from the company’s continued vision of industry.
More coming. Gotta listen to the next speaker.
Change management is a huge issue in automation and control. Who makes the change, when, what was done, was it authorized, and more questions. I’ve had many chats with leaders of companies who provide change management tools over the years. Here is a Honeywell solution.
Honeywell Process Solutions (HPS) today announced the introduction of documentation and change management software that will support its customers’ industrial control system integrity. Honeywell Trace replaces paper-based records and spreadsheets with an automated solution. This helps minimize errors due to changes in configurations, improve worker productivity, and simplify automation asset management by providing a single integrated view of complex system interactions.
Around the world, many process industry organizations need to meet critical management of change (MOC) challenges within their operations. In particular, plant owners/operators need to know who is interacting with control systems and when changes have been made. They also require a clear understanding of configuration anomalies.
“Driven by the growth of our outcome-based programs and a commitment that all processes and tools deliver more efficient service, it is critical that we have the ability to quickly collect and accurately report on system information, configuration history and performance conditions,” said John Rudolph, vice president and general manager, HPS Lifecycle Solutions and Services. “Honeywell Trace responds to these key requirements, providing critical data that lets users know what, when, and why actions were taken and how they compare to actions in the past. The precision and comprehensiveness of its change analysis can reduce several days of manual effort.”
Honeywell Trace is a sophisticated data collection solution that helps expand the visibility of control configurations while automating the documentation of traditional tribal knowledge and actions taken by plant personnel. These improvements will enable companies to enhance regulatory compliance, reduce configuration errors, spend less time in project planning, and minimize troubleshooting and forensics effort.
“Honeywell customers employing the Trace solution can expect a substantial reduction in manual troubleshooting, reduced quality assurance and factory acceptance test (FAT) project activities, and dramatically faster data collection,” Rudolph said.
Honeywell Trace enables plant managers, safety managers, engineers and others to see how the facility is divided and view changes that have occurred to a group of components over collected snapshots. Operations can continue as usual during data snapshots, as the software does not impact the engineering system during collection periods. Personnel can learn how changes impact performance through system health reports, better understand data flows and logic, and avoid problems during maintenance.
Trace makes it easy to identify and assign hardware statuses, reserve hardware, and improve project planning with I/O channel spare management. Engineering teams are able to maintain their network and hardware topology without having to redraw it every time a change is made. Honeywell Trace allows for better decision-making and ultimately improves operational effectiveness.
The new software documents data up to 300 times more frequently than other MOC tools and provides the most powerful search and parameter query functions. It offers smart change analysis, user-configurable defect definition capabilities, real-time system performance assessments, and an intuitive user experience design with dashboards and logical network views.
Industrial Control Systems (ICS) Cybersecurity risks have become so public that CEOs and Board members are sponsoring projects within their companies and raising visibility of the issue.
PAS Inc. CEO Eddie Habibi and General Manager of Cybersecurity and CMO David Zahn shared that news with me during a conversation this week regarding the release of a new version of PAS Cyber Integrity (5.0).
They further pointed out that this high-level visibility serves to push the long-promised IT/OT integration and cooperation into more meaningful relationships.
A final point concerned approaches to ICS cybersecurity. Most companies and consultants focus on the networking access side of the equation. PAS also looks at such automation assets as patch management, inventory management, and workflow.
The latest release of Cyber Integrity boasts enhanced support for workflows and security policies, automates a closed-loop patch management process, and provides enhanced dashboard capabilities. Says the company’s press release, “Cyber Integrity helps companies better mitigate operational risk from malicious attacks or inadvertent control system changes through automated inventory management, patch management, change management, and backup and recovery.”
“Patch management for today’s control systems lacks critical capabilities required to help industrial organizations meet cybersecurity best practices and regulatory standards,” says Peter Reynolds, Senior Analyst at ARC Advisory Group. “Among other issues, plants often have poor visibility into which assets require patching; lack integrated processes that drive testing, implementation, or mitigation; and cannot easily access auditable evidence of a patch management process. ARC supports the development of solutions such as PAS Cyber Integrity that are designed to address these types of patch management issues in mission-critical industrial environments.”
Cyber Integrity works across the heterogeneous control environment found in plants, providing enterprise scalability and performance. It enables industrial companies to:
- Gather and maintain an accurate inventory of IT and OT cyber assets,
- Automate patch processes throughout the enterprise,
- Monitor for unauthorized change to cyber asset configurations, and
- Implement a program for system backup and recovery.
The latest release also includes an entirely new dashboard that makes it easier for end users to process actionable information, as well as for management to quickly understand the state of ICS cybersecurity.
“The great contradiction within ICS cybersecurity is that the assets most valuable to plant operations and safety are often the most vulnerable,” says David Zahn, Chief Marketing Officer and General Manager of the Cybersecurity Business Unit at PAS. “Inventory management and change management are essential components of a cybersecurity strategy that address this contradiction. By offering patch management within Cyber Integrity, we now provide cybersecurity and operations professionals the ability to identify, address, and audit a process that had traditionally fallen short. Along with our new dashboard, workflow, and policy capabilities, companies have everything they need to harden ICS cybersecurity and streamline compliance efforts.”
Further information can be found on the PAS blog:
“Is Your House In Order?”
“The Risk of Not Knowing”
“What Happens When You Get That Call?”