Smart Building Industry Mulls Cybersecurity Challenges

New attraction and curiosity for infosec at the Intelligent Buildings Conference this week.

A glance at the schedule for
this weeks IB Con conference
in Silicon Valley on intelligent buildings makes it clear that the building industry knows cybersecurity is a topic they must address.
According to Idan Udi Edry of Nation-E, who appeared as a panelist at IB Con, the industry has evolved past a dutiful attitude towards cybersecurity, and instead displayed an attraction and curiosity for the topic.
This year there was a change, Edry says.
The smart building industry -- connecting operational technology (OT) like HVAC sytems, elevators, surveillance, lighting, water, and the candy bar machine, to information technology -- is growing faster than either IT or OT pros can keep up with.
According to Navigant Research, total global revenue from the commercial building automation industry is already $70 billion, and will increase to $101 billion over the five years. The growth is expected to be particularly great in the Asia-Pacific region, where the demand for smart building technology is accelerating due to programs like the Indian governments $15 billion Smart Cities India program.
The
Black Hat’s CISO Summit
August 2 offers executive-level insights into the technologies and issues security execs need to keep pace with the speed of business.
Click to register.
One of the key components of many smart buildings is the Building Management System (BMS). A BMS system may integrate facility access controls, surveillance, HVAC, lighting, power, elevators, fire safety, etc.
Nevertheless, if a cyberattacker zeroes in on a BMS system, The target is not necessarily the building, says Edry.
A BMS system wouldnt necessarily need to interact with the CRM system your sportswear company is running up on the 15th floor, or the e-ticketing system the entertainment company is running on the 30th floor. However, if a denial-of-service attack on the BMS managed to take out the power for the entire building, it would cause a very bad day for all the businesses in that building. And thats just the beginning of it.
Edrys bigger concern is that OT and IT teams dont work together to spend enough time thinking about each other.
Despite all the advancements in IT technology, for example, OT still hasnt changed, he says. Whether you bought your generator today or 10 years ago (or longer) the communication protocols are the same. Everything still has a serial port, Edry says, and that creates a vulnerability that IT professionals might not think about.
It doesnt matter how much you invest in securing your IT, Edry says. If you dont also take into account the OT, youre missing something, and leaving yourself vulnerable.
So step one to a smart building cybersecurity strategy? Edrys advice: map all the buildings assets, both IT and OT alike, in one place.
There is always going to be a conflict between the IT and the engineering departments. The direction must come from the top.
Edry says that this is beginning to happen. Because regulations and cyber insurance policies are now mandating certain protections on critical assets -- including cyber-physical systems in smart buildings -- OT engineers are now talking to their boards of directors about cybersecurity.
Real change, says Edry. The strategy has changed.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Smart Building Industry Mulls Cybersecurity Challenges