Honeywell Updates OT Cybersecurity Portfolio by Adding Autonomous Deception Technology

January 27, 2022 by Alessandro Mascellino

Honeywell and security solutions provider Acalvio Technologies jointly announced a new solution to detect cyber attacks against operational technology (OT).

Dubbed the Honeywell Threat Defense Platform (HTDP), the software suite features autonomous deception technology from Acalvio. The solution renews and expands Honeywell’s business relationship with Acalvio.


Securing OT in Industrial Applications

Typical OT environments often try to secure systems using prevention technology and passive detection like perimeter security and network traffic analysis.


Honeywell Forge cybersecurity strategy

Honeywell Forge’s overview of security strategy. Image used courtesy of Honeywell


However, according to a recent survey conducted by Honeywell Building Technologies (HBT), more than one in four (27%) surveyed facility managers experienced a cyber breach of their OT systems in the last 12 months due to targeted or ransomware attacks

According to HBT, these attacks can go beyond accessing private customer data and may potentially cripple operations for critical organizations, such as utilities, data centers, hospitals, and airports.


The Honeywell Threat Defense Platform 

To combat this phenomenon, HTDP uses deception tactics to confuse and mislead threats away from critical assets and devices. Specifically, combining Acalvio’s autonomous deception technology, ShadowPlex, with Honeywell’s current offerings to protect OT from increasingly sophisticated attacks.


Acalvio ShadowPlex

An overview of ShadowPlex. Image used courtesy of Acalvio


HTDP’s active defense technologies automatically make real, critical operational devices harder to find by leading threat actors to decoy assets. These appear as valuable OT and IT devices but, in truth, are not real and consequently don't provide any access to the enterprise assets.

In addition, through these deception elements, HTDP also helps detect ransomware and zero-day variants, then uses analytics to confirm and investigate threats throughout the ransomware kill chain. 


A Security-focused Partnership 

From an organizational standpoint, Honeywell's relationship with Acalvio includes investment by Honeywell Ventures to further support developing Acalvio’s cybersecurity solutions. 

According to Acalvio, the technology can benefit most buildings and facilities, particularly those without a dedicated team of cyber experts, because it doesn’t require prior cyberattack knowledge. Facilities can deploy HTDP without special training or modifications to existing OT.

HTDP can reportedly be deployed across both IT and OT environments as either an on-premises offering or cloud service. Honeywell clarified the new offering aims to help customers improve their resilience and business continuity efforts to help meet environmental, social, and governance (ESG) goals.

ShadowPlex will bring HTDP its artificial intelligence (AI)-based Recommendation Engine, wherein the system automatically detects deception within the environment. The program starts by laying decoy traps to confuse attackers while detecting and diverting the attack. It then observes, investigates, and analyzes the attack to identify any compromised systems before autonomously remediating the attack. 

Acalvio believes its ShadowPlex program is easy to use, scalable, and effective for a broad range of applications.

Have you been protecting your OT and IT environments?