Cyber Security was Growing at ARC

As Chief Engineer, Industrial Cyber Security Solutions and Technology at Honeywell, one of my responsibilities is to understand the technology direction in the cyber security community. So you may ask “Is cyber security a hot topic for industrial operators?” This year’s ARC conference had 16 out of 38 exhibiting vendors that can be considered cyber security companies or companies who are focusing heavily on cyber security. So, the answer to that is a resounding “you betcha!” Or, if you prefer a haiku:

     Look! Shiny baubles

     of Cyber Security,

     in all directions!

I use the term “shiny baubles” on purpose. As often happens at events like this, long time colleagues gather over coffee for an informal family reunion of sorts. During these conversations, the groomed messages of seasoned presenters and trained marketing professionals falls away and less inhibited opinions start to surface. During several of these conversations that same term kept resurfacing: shiny baubles. Why? Because while there’s an incontrovertible market interest in industrial cyber security, there’s a widely varying reaction to that interest. On one side of the argument we have the defensive posture of “companies are just trying to profit, shut them down! Drive them away!” while on the other extreme we have the opinion of “so much interest will only bring innovation to an industry that needs it, support them all! Encourage them!” Of course, as often happens the majority fell somewhere in between. The first camp sees the influx of new product vendors as “shiny baubles,” something that is a distraction, like the catnip of Industrial Cyber. The second camp sees “seeds of opportunity” that may grow stronger, or perhaps wither and die – all according to the power of a free market.

Neither side is right, and I say that will the full acknowledgment and disclosure that I personally am on the “seeds” side of the discussion. I’m a technologist and geek more than I am a businessman, so my motives are different than someone who must sift through vendor hype to invest what security budget there is as wisely as possible. I get that, but I also still get to geek out over the technology that is there, and what I see is encouraging.

The biggest category of new tech is definitely in the area of passive network monitoring. Passive network monitoring has been around for decades and there isn’t really much new to offer here, except to wrap some industry relevance around what can be gleaned from the plethora of process control protocols and messages. While the concepts aren’t new (the first commercial network sniffer was introduced almost 30 years ago, in 1988) the value of finally gaining visibility into process control networks is hard to argue against. The penultimate advice I always give people looking to improve their security posture is “understand your system better” (the first is “think as creatively as possible”), and network monitoring will definitely help you understand your system better. I’m all for it. 

Will every one of the passive network inspection/analysis companies succeed? I doubt it, but again the market will decide that, and the bright and talented contributors to the companies that fail will either be absorbed into the companies that do succeed, or they will spin off and innovate again. Either way, it’s a win for the advancement of our industry, in my humble opinion. 

There are other contenders as well. Some of the bolder companies that stand out include Bedrock – offering a rock-solid hardware architecture for; and Veracity, who is pushing for a move to software defined networking that could very potentially revolutionize how PCNs function and offering huge security benefits in the process (and yes, both puns were intended).

I can’t even begin to cover them all here, but I hope that no one misconstrues a mention of one company as favoritism, or the omission of another as disapproval. They are all seeds to me, and I look forward to seeing them grow.