Smart Building Industry Mulls Cybersecurity Challenges

  /     /     /  
Publicated : 22/11/2024   Category : security


Smart Building Industry Mulls Cybersecurity Challenges


New attraction and curiosity for infosec at the Intelligent Buildings Conference this week.



A glance at the schedule for
this weeks IB Con conference
 in Silicon Valley on intelligent buildings makes it clear that the building industry knows cybersecurity is a topic they must address.
According to Idan Udi Edry of Nation-E, who appeared as a panelist at IB Con, the industry has evolved past a dutiful attitude towards cybersecurity, and instead displayed an attraction and curiosity for the topic.  
This year there was a change, Edry says.  
The smart building industry -- connecting operational technology (OT) like HVAC sytems, elevators, surveillance, lighting, water, and the candy bar machine, to information technology -- is growing faster than either IT or OT pros can keep up with.
According to Navigant Research, total global revenue from the commercial building automation industry is already $70 billion, and will increase to $101 billion over the five years. The growth is expected to be particularly great in the Asia-Pacific region, where the demand for smart building technology is accelerating due to programs like the Indian governments $15 billion Smart Cities India program.  
The 
Black Hat’s CISO Summit
 August 2 offers executive-level insights into the technologies and issues security execs need to keep pace with the speed of business.
Click to register.
One of the key components of many smart buildings is the Building Management System (BMS). A BMS system may integrate facility access controls, surveillance, HVAC, lighting, power, elevators, fire safety, etc.
Nevertheless, if a cyberattacker zeroes in on a BMS system, The target is not necessarily the building, says Edry. 
A BMS system wouldnt necessarily need to interact with the CRM system your sportswear company is running up on the 15th floor, or the e-ticketing system the entertainment company is running on the 30th floor. However, if a denial-of-service attack on the BMS managed to take out the power for the entire building, it would cause a very bad day for all the businesses in that building. And thats just the beginning of it.
Edrys bigger concern is that OT and IT teams dont work together to spend enough time thinking about each other.
Despite all the advancements in IT technology, for example, OT still hasnt changed, he says. Whether you bought your generator today or 10 years ago (or longer) the communication protocols are the same. Everything still has a serial port, Edry says, and that creates a vulnerability that IT professionals might not think about.
It doesnt matter how much you invest in securing your IT, Edry says. If you dont also take into account the OT, youre missing something, and leaving yourself vulnerable. 
So step one to a smart building cybersecurity strategy? Edrys advice: map all the buildings assets, both IT and OT alike, in one place.  
There is always going to be a conflict between the IT and the engineering departments. The direction must come from the top.  
Edry says that this is beginning to happen. Because regulations and cyber insurance policies are now mandating certain protections on critical assets -- including cyber-physical systems in smart buildings -- OT engineers are now talking to their boards of directors about cybersecurity.
Real change, says Edry. The strategy has changed.
 

Last News

▸ Some DLP Products Vulnerable to Security Holes ◂
Discovered: 23/12/2024
Category: security

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Smart Building Industry Mulls Cybersecurity Challenges