The intensifying need for cybersecurity in smart buildings By Mirel Sehic, Global Director Cybersecurity, Honeywell Building Solutions
The last decade has witnessed a growth in investment in cybersecurity, partly in response to some high-profile attacks, which have caused hundreds of millions of dollars of damage worldwide. Increasingly, governments and businesses of all sizes are committing time and money to thwart these determined cybercriminals.
The good news is that cybersecurity responsiveness is now being integrated into planning and day-to-day operational thinking. However, the evolution of Internet of Things (IoT) connectivity and largescale digital integration have the potential to undo all the good work by presenting would-be attackers with new, low security points of access.
The latest challenge is operational technology (OT), which has historically not needed a full suit of digital armour as it has traditionally worked inside discrete networks. This is increasingly not the case as a result of a bourgeoning use of new technology to improve business operations. As more internet-connected devices are being incorporated into building operations, facility managers, along with information technology (IT) and OT professionals, need to collaborate to create and manage holistic cybersecurity policies and procedures to ensure the optimum levels of protection.
The impact of digitisation strategies
This, in turn, is raising a new challenge for businesses and facility managers – the need to understand how their digitisation strategies are impacting the cybersecurity status of their building portfolios. And there’s no time to lose as the threat landscape is rapidly evolving. It is therefore essential to have a firm grasp of the potential cybersecurity vulnerabilities and risks associated with implementing new technologies and the steps that need to be taken to instigate the appropriate defences against cyberattacks.
The more complex the system, the more difficult the diagnosis of the potential risks. On the other hand, older parts of OT networks often have little or no protection. As such, facility managers need to devise top-to-toe risk management strategies that address weaknesses in both complicated new technologies and legacy systems.
Understanding the cyber risks
Incorporating IT capabilities, such as big data analytics and IoT connectivity, across OT environments can vastly improve productivity. Multiple proprietary systems can be easily centralised and automated, which further helps optimise building performance. However, the implementation of new technologies and a greater number of entry points increases the possibility of cyberattacks and malicious activity, especially around unauthorised access to controls and security systems. The application of new technologies therefore needs to be accompanied by a concomitant rollout of suitable protection.
The need for awareness
While loss of personal data can have financial costs, an attack on an OT environment can have consequences beyond just financial loss – including prolonged outages of critical services, environmental damage and a danger to personal safety. There’s also the threat of a third party gaining unauthorised access to internet-connected physical security systems.
There have been an increasing number of attacks on the manufacturing industry, critical government infrastructure such as dams, public transport and hospital networks. The most recent Notifiable Data Breaches report indicates that violations have occurred more regularly month-to-month, with the health sector reporting the most cyber-attacks out of any other sector. Worse still, 61% of these attacks were identified as malicious or criminal.
Make no mistake, there are highly skilled and motivated criminals actively targeting networks to find ways to exploit the security weaknesses in the OT environment, control systems and critical infrastructure. Understanding how an attacker can gain access to a system, including the various attack techniques, is an important step towards mitigating the risks and will help organisations keep on top of the threats that exist in their own networks.
Develop a cyber strategy
Having a cybersecurity strategy in place is critical; readiness isn’t optional. This starts with employee training and awareness but facility managers also need to identify which assets need safeguarding, the types of likely threats and the rules and controls needed to protect against them.
Developing, reviewing and maintaining policies and procedures is paramount, including guidelines for password use and renewal, the handling of sensitive data and the use of removable devices, to name just a few. Having employees follow clearly defined steps really can be the difference between a cyber incident being a slight hiccup rather than a total disaster.
A thorough risk assessment will also be extremely useful. Starting with an asset inventory will enable an organisation to:
- Identify what is connected to a network
- Establish a baseline for network traffic to help identify existing gaps and potential security vulnerabilities tied to the OT environment
- Assists in formulating more effective protection methods
These findings can then be leveraged to create a cybersecurity strategy that is specific and detailed.
Feeding the appetite for security
In reality, industries and organisations differ in their acceptance of cybersecurity risk, which is sometimes referred to as ‘risk appetite’. Having a lower risk appetite leads to a high focus on cybersecurity, while a higher risk appetite translates into less rigorous cybersecurity practices. The reality is, however, that every business is in danger of attack. The primary focus for cyber criminals includes critical operators such as hospitals, data centres, government buildings, airports and banking. However, past experience shows that their targets also include premium commercial buildings, for example high-end offices, upmarket hospitality and retailers of all sizes.
Preparedness is unavoidable; thinking “it won’t happen to me” isn’t a defence. As with insurance, the better your cybersecurity, the better your protection and the quicker your business will bounce back after an incident. Moreover, cyber threats are constantly evolving and with OT systems being targeted more and more each day your facilities need to keep pace. Cyber criminals are finding new ways to bypass security and access data so it’s crucial that all stakeholders work together to raise the bar on protecting their investments. A hands-on, proactive approach to security will produce the best results, now and in the long-term.
And it’s won’t be getting any easier; the cyber criminals will see to that, so the longer you put off acting the harder it will become to secure your built environment. The convergence of OT and IT systems is also gaining pace, so it is essential that organisations are aware today of the risks across their OT environments and enhance their security provision to reduce the likelihood of successful cyberattacks, now. The bottom line is that the landscape of cybersecurity is changing and evolving in tandem with technological advancements. Facility managers are key decision makers in how to prevent and respond to security issues. As a result, it’s important they keep up to date with the latest insights and protection methods.
This can be challenging and a drain on resources is not properly handled. Facility managers should therefore always work with specialist suppliers that have the knowledge and experience to help formulate and install the most appropriate cybersecurity systems.