Smart Buildings

We Must Develop a Unified Approach to Cybersecurity

“Perhaps one of the greatest fears shared by critical infrastructure professionals in today’s age of connected infrastructure is the risk for a cyber attack that goes beyond data theft and can bring down the entire facility HAVAC system or a high-rise tower control system and even threatens occupants’ lives,” says Dr Rida Hamza, VP of Critical Infrastructure Protection at Parsons. “This pervasive introduction of sensors and connected devices into our lives and with such a divergent and broad technical understanding required to execute this transformation quickly, it begs the question of how well versed and disciplined we are in applying proper measures,” Hamza continues. There have now been enough cyber attacks for everyone to understand that there is a danger and to know that they must protect their systems or face potentially catastrophic consequences. The time has come to stop complaining about cyber attacks and focus on how to protect our emerging smart society. “I […]

Stay ahead of the pack

with the latest independent smart building research and thought leadership.

Have an account? Login

Subscribe Now for just $180 USD per year per user ( just $15 USD per month) for Access to Quality Independent Smart Building Analysis!

What Exactly Do you Get?

  • Read every article published in full and get unlimited access to our archive of over 1,400 articles.
  • 10% discount on ALL Memoori Research reports for Subscribers! So if you only buy ONE report you will get your subscription fee back!
  • Industry-leading Analysis Every Week, Direct to your Inbox.
  • AND Cancel at any time
Subscribe Now

“Perhaps one of the greatest fears shared by critical infrastructure professionals in today’s age of connected infrastructure is the risk for a cyber attack that goes beyond data theft and can bring down the entire facility HAVAC system or a high-rise tower control system and even threatens occupants’ lives,” says Dr Rida Hamza, VP of Critical Infrastructure Protection at Parsons.

“This pervasive introduction of sensors and connected devices into our lives and with such a divergent and broad technical understanding required to execute this transformation quickly, it begs the question of how well versed and disciplined we are in applying proper measures,” Hamza continues.

There have now been enough cyber attacks for everyone to understand that there is a danger and to know that they must protect their systems or face potentially catastrophic consequences. The time has come to stop complaining about cyber attacks and focus on how to protect our emerging smart society.

“I see no helpful reason to cry wolf or further project the ominous and dire warnings about damaging cyber events, hacks, outages or problems. We are aware of those on our own. We should be talking about solving or improving the work that we do, the difficulty of the task at hand. We should be promoting concepts that deliver positive outcomes and improve this smart infrastructure,” says Hamza.

One of the key cultural barriers holding back our security efforts is the digitization of operational technology. OT has traditionally been kept separate from IT networks and all things cyber, both good and bad. However, the Internet of Things (IoT) has presented too many potential benefits to ignore, and for many of the people who own and operate those OT systems, cyber-threats appear to be too easy to forget. More often than not, connected equipment is purchased and installed with little thought of cybersecurity. Protective measures are then added as an afterthought, usually bolted on through a software modification in reaction to an attack.

The reality is that IT and OT can no longer be considered separate in our smart buildings and cities, while operational by function our connected OT systems are now driven by data. The majority of OT networks are transited over a building’s IT networks, utilizing the same internet protocols, operating systems, and often connected wirelessly. Unless cybersecurity is applied to smart-OT at the earliest stages of development, we will lose ground in the war with cybercriminals and hold back the development of our smart future. The IT community knows this all too well.

“In the past, the IT teams delivered digital systems to achieve corporate efficiencies: office tools, email, internet-connected business processes and other improvements to corporate performance and personal quality of life measures. When we tried to bolt on cybersecurity, we often disrupted the performance of the digital systems we were trying to protect. The cyber efforts often collided with system performance, all without even understanding the IT department’s mission of delivering digital capabilities,” says Hamza.

“Today is not much different. If we are to converge cybersecurity with our infrastructure systems, we need to have a unified approach. If we don’t accomplish this, we will just repeat the IT and cyber errors that have been the bane of business delivery and customer satisfaction,” Hamza continued in an article on ME Construction News.

We need a unified approach to cybersecurity across OT and IT systems in our smart buildings and cities, and we need to need to apply that approach from the earliest design phases. If we are motivated to invest in smart technology for all the benefits it can bring, then surely the potential loss of those systems through cyberattack is motivation enough to protect them effectively. However, cyberattacks not only disrupt systems and steal data, they also have the potential to cause irreparable damage and endanger people’s lives.

“While it remains an attractive and futuristic concept to have truly smart cities and mind-blowing technology at our fingertips, there are many steps to be taken to ensure that it is safe to step into that advanced world,” says David Emm, principal security researcher at Kaspersky Lab. “Cybercriminals are licking their lips at the prospect of havoc and financial gain that smart cities present them, and we must not oblige by depending on networks that aren’t safe, and easily hackable.”

As is all too often the case, we will have to look towards governments to introduce strong cybersecurity regulation. That appears to be the only way to ensure that all connected aspects of smart buildings and cities are operating at the same minimum standards.

Only regulation can force every OEM to put their equipment through extensive security planning and design. Only regulation will guarantee those building owners and operators invest in secure smart systems. As governments around the world brag about their smart credentials they also set their citizens up for cyber-disaster unless they take action to mandate effective cybersecurity standards.

“Governments the world over have to set cybersecurity regulations, including how security is designed and maintained in connected devices that will circulate throughout buildings, from smart lighting to networked door systems,” says Emm, who previously spoke to us on cybersecurity culture. “It is the responsibility of governments and cybersecurity firms to ensure that awareness and knowledge is spread on how to defend against cybercriminals, particularly as nearly every aspect of our lives now involves being online or using connected devices.”

Most Popular Articles

Spacewell Nemetschek Group
Smart Buildings

Spacewell Smart Building Management Business & Financials 2022 Examined

In this Research Note, we examine Spacewell, part of the Manage segment of Nemetschek, which provides software for the management and operations phase in the building lifecycle. This article is based on their 2022 annual results, investor presentations, the Annual Report of the parent company, published on 23rd March 2023 and the group’s strategy in […]

Net Zero Buildings Balfour Hospital
Energy

Net Zero Buildings Explored – The Balfour Hospital

The Balfour Hospital in Kirkwall, on the remote Scottish islands of Orkney, has established itself as the first fully net-zero National Health Service (NHS) hospital in the UK in 2019. The £65 million facility, designed to accommodate 49 patients, has pioneered an innovative and sustainable approach to design, construction, and operation processes. Delivered by the […]

CXApp SPAC
Smart Buildings

Smart Building SPAC Trend Continues with Hybrid Work Play CXApp

Since 2019 the business world has been inundated with high-profile SPAC deals. And while we have certainly seen a slowdown in SPAC deals in recent months, the SPAC trend is by no means over. In the smart building industry, a new SPAC was completed this month, as workplace experience platform provider CXApp completed a business […]

Subscribe to the Newsletter & get all our Articles & Research Delivered Straight to your Inbox.

Please enter a valid email

Please enter your name

Please enter company name

By signing up you agree to our privacy policy