Back in the day, (2012) I wrote the following:
Some people collect comics; some art. Some collect sports memorabilia, others coins. I could go on. I collect intelligent building definitions. Not really, but I thought I'd share some of the definitions I have managed to collect. While each definition offers its own perspective, it is interesting to see the similarities and the differences.
While buildings are smarter and more connected than ever before, when it comes to cybersecurity, they are stuck in the 1980s.Today’s connected business world means there are thousands of entry points in and out of companies. It is impossible to miss the continued headlines on the latest breaches and cyber-attacks. Cyber-attacks today are more sophisticated and targeted than ever before.The truth is that network security and the security of devices and systems do not work as well as we thought.
Cybersecurity protection and defense prevention for the building automation systems and the operational technology that operates and manages our facilities is now a necessity and should not be treated differently than an IT network when it comes to cybersecurity. Just like an IT network, building automation networks should have multiple layers of defense and protection as well as policies and procedures that are continuously addressed. In fact, cybersecurity should be an integral part of the design of intelligent buildings and today’s building automation system and not an afterthought; it has gone from a nice-to-have to a must-have.
Let’s look at some of the latest cyber stats—cyber issues are up 144% compared to four years ago with an average of 138 successful attacks per week, compared to 50 attacks per week in 2010; cyber-attacks cost the average U.S. company $12.7 million; attacks have become increasingly sophisticated in nature; reported incidents of have increased 48% in the past twelve months (this does not include the number of attacks that go unnoticed or are unaware); the average time it takes to detect a malicious cyber-attack is 170 days with some types of attack taking 259 days on average to detect.
