Honeywell and Acalvio Technologies have launched a way to detect known and unknown (zero-day) attacks across the operational technology (OT) environments in commercial buildings.

Honeywell’s HTDP threat defence platform powered by California-based Acalvio uses autonomous deception tactics to outsmart attackers and provides high fidelity threat detection. The technology uses an approach recommended by governments and cyber-security standard bodies because of its ability to detect and control attacks.¹

Traditionally, building OT environments rely on prevention technology and passive detection such as perimeter security and network traffic analysis to secure systems. Yet, more than a quarter (27%) of facility managers experienced a cyber breach of their OT systems in the past 12 months, according to a recent survey by Honeywell. Threat actors continue to target building systems with both targeted attacks and ransomware attacks. These attacks can go beyond accessing private customer data and may potentially impair the operations for critical organisations that keep society running such as utilities, data centres, hospitals and airports.

HTDP uses deception tactics to confuse and mislead threats away from critical assets and devices, resulting in low false alerts and a high rate of detection. It leads threat actors to decoy assets, which appear to be valuable OT and IT devices; however, none of the devices are real and there is no access to the enterprise assets. This makes real, critical operational devices harder to find, slowing down adversaries and helping security teams capture them faster.

“The quantity and complexity of cyber attacks unfortunately are increasing every day, reinforcing the need for building owners and operators to rigorously monitor, maintain and protect their OT environments,” said Mirel Sehic, global director of cyber security at Honeywell. “Incorporating Acalvio’s autonomous deception technology into our OT cyber-security toolbelt is highly effective to help protect our customers’ buildings from increasingly sophisticated attacks.”

Powered by Acalvio’s deception technology, HTDP incorporates design-, intent- and industry-specific knowledge into a seamless workflow to deploy effective deception across distributed enterprise OT networks. Using specially crafted deception elements, HTDP also helps detect ransomware and zero-day variants with precision and speed. It uses analytics to confirm and investigate threats.

“We’re excited to work with Honeywell to secure and keep building OT systems properly operating while also protecting the people and data throughout an organisation,” said Ram Varadarajan, CEO of Acalvio Technologies. “Importantly, this technology is something that can benefit every building and facility, especially those that do not have teams of cyber experts. It requires no prior knowledge of attacker tactics and can be deployed without special training or modifications to existing OT environments.”

HTDP includes deployment and ongoing monitoring, freeing up internal security team resources. Artificial intelligence makes the service easier to use and scalable. HTDP suits organisations that desire intrusion detection in their building network without having to install or operate complex technology. It can be deployed across IT and OT environments as either an on-premises offering or cloud service.

This helps users improve their resilience and business continuity efforts to help meet environmental, social and governance goals.