We all know we live in a world that is more connected than ever before and that our systems and equipment that run our buildings are no exception. Networked building management systems bring many benefits but can expose organizations to cyber security issues.
Recognizing the importance of cyber security, October has been designated National Cyber Security Awareness Month. As a reminder, I thought I would provide links previous articles on the subject I did for automatedbuildings.com:
In 2012 I began talking about cyber security related to our building control and facility systems and how this was one of the most important issues facing our industry. Since then we have seen cyber security incidents and vulnerabilities continue to be common and pose a global threat – no region or company is immune.
News of a cyber incident is nearly an everyday occurrence, while the scope and long-term damage associated with cyber incidents are escalating and at times, appear to not end. Take Target for example, we all know about the cyber incident that took place, yet the company is still dealing with ramifications---paying $67 million to Visa; $19 million to Mastercard; several on-going lawsuits; still trying to recover from a major hit to its brand and a loss in customer confidence.
The Internet of Things has finally arrived. According to the Economist Intelligence Unit, it shows that 96% of the global business leaders surveyed expect their businesses to be using IoT in one form or another by 2016.
In a previous article titled, “I’ll have IoT with That Please”, I wrote about how there was a lot of discussion on what IoT means and how it impacts and relates to the world of commercial real estate and buildings. Back then I said that IoT is an important aspect to the overall ecosystem within commercial real estate and has and will continue to play a key role in how we interact, collaborate, operate, manage and “smarten up” our buildings. IoT is emerging as the third wave in the evolution of intelligent buildings.
Today, IoT is enabling us to expand our reach to a range of devices and hardware that gather and analyze data and react to it in a variety of applications that we’ve never seen before. IoT is allowing us to move from connected devices to connected intelligence and redistribute and process data independently at the edge.
So what is driving our next generation hardware? IoT and all of its promises are flattening the network architecture and have created new requirements for memory. Resource constrained applications are adding connectivity where little to none existed before. We are experiencing a significant shift in the way people acquire information, interact with each other, and make decisions. As the world of IoT moves forward, so does the need for hardware that can handle those connections and the amount of data that is produced. Then there is the growing acceptance of open-source, open programming, open hardware technologies; the support of “edgeware” applications; direct connection to the Cloud and the ability to bring different applications from different providers together.
Our connected business world means there are thousands of entry points in and out of companies. The exploding number of access points means we now have thousands of potential openings into our companies. What has been traditionally seen as a simple component of an organization’s infrastructure, throwing a firewall and antivirus solution down as an adequate cyber strategy, has evolved into something that can keep one awake at night. The scary truth is that network security does not work as well as we thought.
As cybersecurity has emerged as the number one priority today, it is becoming a front business issue and a board room issue. After a series of high profile data breaches and warnings, corporate boards find themselves dealing with cyber threats and security issues. Not long ago, cybersecurity was a term rarely, if ever, heard in the boardroom. Rather, information security was deemed to be a risk managed solely by the chief information or technology officer or the IT department. Those days are gone. With the long list of high profile cybersecurity hacks and the after effects that include drop in shareholder value, decline in sales, brand and customer erosion, regulatory inquiries and litigations, cybersecurity has become an increasingly challenging risk that boards must address.
