Governance & Risk Management , Operational Technology (OT) , Video

Honeywell's James DeLuccia on Product Security vs IT Defense

Consistency Is the Objective in IT Security, But Product Security Must Be Flexible
James DeLuccia, product security chief, Honeywell

Organizations expect the IT security landscape to be consistent - from builds and hardware to operating systems - but for product security, everything Honeywell makes is a snowflake with flexible, highly tailored design across many technologies, says Honeywell Product Security Chief James DeLuccia.

See Also: Scalability - A Look at Securely Managing 500 Million Connected Vehicles

To secure applications at an industrial scale, Honeywell works with tens of thousands of suppliers across a multitude of technology platforms and applications, with some endpoints in nuclear reactors dating back more than 30 years. Straightforward activities in the IT world such as configuration updates or encryption can be challenging or even impossible to implement on some products, he says (see: Why Securing Medical Devices Is So Challenging).

"In an IT environment, you always want more consistency in your service model," DeLuccia says. "Because of the specialization that has to happen in products, we have had technology where there's 12 people on the planet that know how to use this certain technology, and they were the ones that invented it. Those people are front and center because we need to understand how that works."

In this video interview with Information Security Media Group, DeLuccia also discusses:

  • How to bring consistency to securing platforms as they're integrated
  • The top security challenges associated with brand new technology;
  • What's different between protecting quantum and chips vs traditional IT

DeLuccia is responsible for a $6.5 billion annual product portfolio with more than 340 active engineering projects across 1,300 engineers. He is responsible and accountable for all products in the market as well as those being developed including hardware sensors and industrial cloud offerings. DeLuccia oversees security, operations, incident response, privacy and all cyber functions in the business. During his nearly six years with the company, DeLuccia has led or advised on cloud strategy, cloud innovation, cost consolidation, cybersecurity and compliance across the various Honeywell business units.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.