Some glaring weaknesses remain when it comes to managing the security of large commercial buildings, according to Michael Skurla, chief product officer and co-founder at Radix IoT, who was speaking on a cyber security panel at the Smart Workplace Summit, which continues in room CC56.1 from 15:30 today.
“Commercial buildings are built and managed by one entity, but the tenants are usually responsible for what goes on on each floor,” he explained. “So you have 20 to 50 tenants, each with layers of IT and security protocols, and organisations managing the building have to integrate with all this, and while they do the best they can they don’t have a structure to lean on. It’s not a technology problem per se, but the way that construction and the building world operates in a highly siloed and fractured way.”
Shaun Reardon, principal cyber security consultant at DNV, sees the same weakness in the multi-vendor supply chain, as security often isn’t considered in a holistic way during projects. “We are commissioned to hack various systems and risk critical errors always emerge in the interfaces between different systems, such as a shared GPS clock,” he noted. “Integrators should remember that sometimes, the strength of their system will inadvertently exploit the weakness in another system. So individually they’re clear but if you put it all together it’s a ticking time bomb.”
