Honeywell Debuts Advanced Monitoring and Incident Response (AMIR) for OT Cybersecurity

June 20, 2021 by Robin Mitchell

Honeywell announced this week they will be adding their latest cybersecurity solution to their Forge platform to improve OT and IT operations.

Honeywell Adds Advanced Monitoring and Incident Response to Forge

Honeywell will now include a new security system into their existing Forge platform called Advanced Monitoring and Incident Response (AMIR). AMIR is integrated into Honeywell's larger cybersecurity platform called Forge. This platform provides unique high-level features such as vendor-neutral solutions and centralized control.


An engineer using Honeywell's Forge platform Advanced Monitoring and Incident Response (AMIR). Image used courtesy of Honeywell 

AMIR is designed to provide cybersecurity protection across an entire system that uses a centralized control center for monitoring and management. One of the proposed advantages of AMIR is its scalability and implementation of security systems that may change and grow over time. 


Monitoring Threats in Real-time

The AMIR provides security personnel that can monitor threats in real-time. The system uses AI and pattern recognition to look for abnormalities in systems.

"Honeywell's Advanced Monitoring and Incident Response solution provides a combination of advanced cybersecurity software, experts, and playbooks with remediation guidance in order to better detect, prevent, analyze, evaluate and coordinate the response to cybersecurity threats occurring within OT environments," mentioned Jeff Zindel, vice president, and general manager, Honeywell Connected Enterprise Cybersecurity

AMIR may analyze emerging cybersecurity threats, whether it be a software fault or infection, and indicators of compromise can trigger alerts to operators who can shut systems down before damage is done.

AMIR gathers and prioritizes threat data depending on its severity. It then analyzes and correlates threats and logs data from sources surrounding the threat. This enables OT and IT developers to better understand why AMIR has flagged a particular event and provide potentially invaluable data that enables better identification of the initial cause of the threat.


Is Centralized Cybersecurity Critical for Industrial Platforms? 

One of the biggest challenges companies face in the industrial sector is the wide variety of hardware, software, protocols, and platforms to choose from. While manufacturers go to great lengths to ensure that hardware and software are cross-compatible, the wide variety of hardware and software means that there are potentially more cybersecurity vulnerabilities. 


A graphic showing how Honeywell's industrial ecosystem stays connected to machines and the facility. Image used courtesy of Honeywell


An industrial ecosystem can consist of thousands of devices across an entire continent. Trying to develop unique cybersecurity software solutions for each site can be expensive and difficult to maintain, especially if each system is developed by a separate engineer. 

Honeywell's Forge can help an industrial ecosystem move towards a centralized cybersecurity platform that monitors and identifies potential issues. 

Users can apply changes to security policies to all industrial sites and use a common platform that removes the need to provide unique coding and customization for each site.

The goal of Honeywell's Forge is to see secure data transfers and automated assets that can help to reduce labor costs, defend against costly cyberattacks, and avoid regulatory non-compliance penalties. Considering how many industrial sites worldwide are now being attacked, ensuring security integrity is a pretty easy decision for most manufacturing companies.