Smart Buildings

We Must Develop a Unified Approach to Cybersecurity

“Perhaps one of the greatest fears shared by critical infrastructure professionals in today’s age of connected infrastructure is the risk for a cyber attack that goes beyond data theft and can bring down the entire facility HAVAC system or a high-rise tower control system and even threatens occupants’ lives,” says Dr Rida Hamza, VP of Critical Infrastructure Protection at Parsons. “This pervasive introduction of sensors and connected devices into our lives and with such a divergent and broad technical understanding required to execute this transformation quickly, it begs the question of how well versed and disciplined we are in applying proper measures,” Hamza continues. There have now been enough cyber attacks for everyone to understand that there is a danger and to know that they must protect their systems or face potentially catastrophic consequences. The time has come to stop complaining about cyber attacks and focus on how to protect our emerging smart society. “I […]

Stay ahead of the pack

with the latest independent smart building research and thought leadership.

Have an account? Login

Subscribe Now for just $200 per year per user (just $17 USD per month) for Access to Quality Independent Smart Building Research & Analysis!

What Exactly Do you Get?

  • Access to Website Articles and Notes. Unlimited Access to the Library of over 1,700 Articles Spanning 10 Years.
  • 10% discount on ALL Memoori Research reports for Subscribers! So if you only buy ONE report you will get your subscription fee back!
  • Industry-leading Analysis Every Week, Direct to your Inbox.
  • AND Cancel at any time
Subscribe Now

“Perhaps one of the greatest fears shared by critical infrastructure professionals in today’s age of connected infrastructure is the risk for a cyber attack that goes beyond data theft and can bring down the entire facility HAVAC system or a high-rise tower control system and even threatens occupants’ lives,” says Dr Rida Hamza, VP of Critical Infrastructure Protection at Parsons.

“This pervasive introduction of sensors and connected devices into our lives and with such a divergent and broad technical understanding required to execute this transformation quickly, it begs the question of how well versed and disciplined we are in applying proper measures,” Hamza continues.

There have now been enough cyber attacks for everyone to understand that there is a danger and to know that they must protect their systems or face potentially catastrophic consequences. The time has come to stop complaining about cyber attacks and focus on how to protect our emerging smart society.

“I see no helpful reason to cry wolf or further project the ominous and dire warnings about damaging cyber events, hacks, outages or problems. We are aware of those on our own. We should be talking about solving or improving the work that we do, the difficulty of the task at hand. We should be promoting concepts that deliver positive outcomes and improve this smart infrastructure,” says Hamza.

One of the key cultural barriers holding back our security efforts is the digitization of operational technology. OT has traditionally been kept separate from IT networks and all things cyber, both good and bad. However, the Internet of Things (IoT) has presented too many potential benefits to ignore, and for many of the people who own and operate those OT systems, cyber-threats appear to be too easy to forget. More often than not, connected equipment is purchased and installed with little thought of cybersecurity. Protective measures are then added as an afterthought, usually bolted on through a software modification in reaction to an attack.

The reality is that IT and OT can no longer be considered separate in our smart buildings and cities, while operational by function our connected OT systems are now driven by data. The majority of OT networks are transited over a building’s IT networks, utilizing the same internet protocols, operating systems, and often connected wirelessly. Unless cybersecurity is applied to smart-OT at the earliest stages of development, we will lose ground in the war with cybercriminals and hold back the development of our smart future. The IT community knows this all too well.

“In the past, the IT teams delivered digital systems to achieve corporate efficiencies: office tools, email, internet-connected business processes and other improvements to corporate performance and personal quality of life measures. When we tried to bolt on cybersecurity, we often disrupted the performance of the digital systems we were trying to protect. The cyber efforts often collided with system performance, all without even understanding the IT department’s mission of delivering digital capabilities,” says Hamza.

“Today is not much different. If we are to converge cybersecurity with our infrastructure systems, we need to have a unified approach. If we don’t accomplish this, we will just repeat the IT and cyber errors that have been the bane of business delivery and customer satisfaction,” Hamza continued in an article on ME Construction News.

We need a unified approach to cybersecurity across OT and IT systems in our smart buildings and cities, and we need to need to apply that approach from the earliest design phases. If we are motivated to invest in smart technology for all the benefits it can bring, then surely the potential loss of those systems through cyberattack is motivation enough to protect them effectively. However, cyberattacks not only disrupt systems and steal data, they also have the potential to cause irreparable damage and endanger people’s lives.

“While it remains an attractive and futuristic concept to have truly smart cities and mind-blowing technology at our fingertips, there are many steps to be taken to ensure that it is safe to step into that advanced world,” says David Emm, principal security researcher at Kaspersky Lab. “Cybercriminals are licking their lips at the prospect of havoc and financial gain that smart cities present them, and we must not oblige by depending on networks that aren’t safe, and easily hackable.”

As is all too often the case, we will have to look towards governments to introduce strong cybersecurity regulation. That appears to be the only way to ensure that all connected aspects of smart buildings and cities are operating at the same minimum standards.

Only regulation can force every OEM to put their equipment through extensive security planning and design. Only regulation will guarantee those building owners and operators invest in secure smart systems. As governments around the world brag about their smart credentials they also set their citizens up for cyber-disaster unless they take action to mandate effective cybersecurity standards.

“Governments the world over have to set cybersecurity regulations, including how security is designed and maintained in connected devices that will circulate throughout buildings, from smart lighting to networked door systems,” says Emm, who previously spoke to us on cybersecurity culture. “It is the responsibility of governments and cybersecurity firms to ensure that awareness and knowledge is spread on how to defend against cybercriminals, particularly as nearly every aspect of our lives now involves being online or using connected devices.”

Most Popular Articles

Danfoss Fire Siemens Data Centers
Security

What’s Behind Siemens Acquisition of Danfoss Fire Safety?

This Research Note examines what’s behind the acquisition of Danfoss Fire Safety A/S by Siemens Smart Infrastructure announced on 8th October 2024. We review the transaction details, the strategic rationale, the SEM-SAFE fire protection system, and deployments before assessing how this acquisition fits into Siemens fire safety portfolio. Transaction Details Siemens Smart Infrastructure has agreed […]

Complimentary Article AI Energy Management HVAC Optimization
Energy

Energy Management Software for HVAC Optimization Market

In today’s complex commercial real estate landscape, energy management has become a critical focus for asset managers, property managers, and facilities managers. As urbanization accelerates, energy demand grows, and the energy market becomes more volatile, optimizing energy use is no longer just about lowering costs, it has become a key factor in achieving sustainability, resource […]

dormakaba access control financial results
Security

dormakaba Access Solutions Business & FY2023/24 Financials Examined

In this Research Note, we examine one of the top three companies in the global access solutions market, dormakaba. Based on their FY2023/2024 financial results, year ending 30 June 2024 and their latest corporate presentation, this article highlights their solutions portfolio, financial highlights, and the latest results of their two business segments. dormakaba is listed […]

Subscribe to the Newsletter & get all our Articles & Research Delivered Straight to your Inbox.

Please enter a valid email

Please enter your name

Please enter company name

By signing up you agree to our privacy policy