Cybersecurity threats targeting organisations' industrial control systems (ICS) are not always direct. Instead, the most vulnerable entry points into an ICS can lie with external partners, such as suppliers and vendors.
Honeywell's customer, a global pharmaceutical company, realised that potential vulnerabilities like these might exist in its partner ecosystem. To get ahead of a potential breach, the pharmaceutical company trusted Honeywell to do a thorough assessment of its suppliers’ operational technology (OT) cybersecurity gaps.
Why did the customer choose Honeywell?
First, Honeywell's OT cybersecurity experts took the time to understand the customer’s processes at more than 100 sites around the globe. Second, Honeywell experts combined their knowledge and experience with that insight into the customer’s processes to conduct assessments that met the customer’s unique needs.
Many of the competitors are simply IT vendors dabbling in the world of OT. Honeywell, however, has the knowledge and the experience to better meet the demands of OT. The pharmaceutical company chose Honeywell over the competitors based on the quality and wealth of OT knowledge the experts provided.
Spreading security
This was not to be a small or limited undertaking. This Cybersecurity Vulnerability Assessment is part of a global two to three-phase project that covers more than 100 sites.
The first assessment was completed for the company’s site in India, with other sites being covered in later phases.
Vulnerability assessment
Honeywell’s OT cybersecurity experts conducted the vulnerability assessment to help capture the customer’s control system vulnerabilities and potential weak spots. The assessment performed was a holistic technical review of the ICS infrastructure.
It focused on analysing the customer’s cybersecurity processes, procedures, and safeguards to better protect its industrial control systems (ICS) from internal and external threats. Because Honeywell focuses on OT as opposed to IT only, Honeywell experts are skilled in considering the entirety of an ecosystem. This means including people, processes, and any technical issues that can impact the ICS cybersecurity posture.
Digging in to reduce risks
The Honeywell team has deep expertise across IEC 62443 standards and other industry-specific guidelines, as well as invaluable experience with control systems.
Because of this expertise, the Honeywell team was able to holistically assess the customer’s ICS environment, documenting observations and recommendations to help reduce cybersecurity risks.
Physical site review
The Honeywell team first conducted a physical site review to uncover issues such as control room doors left unlocked, passwords in the line of sight, and other security compliance violations.
The team also reviewed the customer’s third-party network equipment, such as switches, routers, and firewalls; reviewed the infrastructure configurations; and checked installation processes.
Site-specific recommendations
All the vulnerabilities, severity levels, and remediation details were included in the Cybersecurity Vulnerability Assessment report.
The report also detailed best practices and site-specific recommendations to help the customer mitigate and prioritise any identified threats or vulnerabilities, along with notes on how and where each step can serve as a foundation for the best practice architecture.
Challenges and successes
Honeywell experts remained diligent in exceeding the customer’s expectations despite the shutdown in India due to the pandemic and the unexpected need to assess and remediate assets.
Honeywell also had one secret weapon: one of the OT cybersecurity experts had real-life experience in the pharmaceutical industry. This made it possible for the team to better tailor the assessment (and recommendations) to this particular customer.