The subject of ‘smart buildings’ is one which continues to gather momentum, as more and more ‘smart’ technologies enter the market, all of which are designed to help benefit the way you and your business operate.
According to a new report from Bain & Co, the investment in smart products (connected devices sending and receiving data) from businesses will surpass $520 billion by 2020.
Products – often described as the internet of things (IOT) – range from voice activation technology, sensors (think lights, temperature, room usage) and surveillance.
However, as the number of connected solutions increase, so does the risk of cyber attacks.
Jalal Bouhdada, founder and principal ICS security consultant at cyber security specialist’s Applied Risk, offers his advice to help to remain safe.
Don’t throw away the keys to your smart building – make cybersecurity a priority
The true potential of smart buildings is beginning to be realised. Increased connectivity, thanks to the rise of the Internet of Things (IoT), means building owners and managers can now understand how the technologies deployed within a facility are performing, so they can predict if maintenance is required before an alert is even triggered. Furthermore, temperature and lighting adjustments can be made to either save energy or increase employee productivity.
Deploying connected technologies in smart buildings
This technology enables positive growth, although with increased connectivity also comes a greater attack surface that attackers will seek to exploit. The question is, are building managers and owners taking the risks seriously? Possibly not, as evidenced when researchers were able take control of lighting, air conditioning, curtains and other equipment in a Marriot hotel room. This was achieved via vulnerable KNX network components, a network communication protocol for building management automation used in stadiums, hotels, airports and industrial facilities.
This is troubling, with hackers regularly scanning targets for easy access points, whether that be through poorly deployed sensors, CCTV cameras or access control systems. Once inside a network, they could attempt to shut down critical functions meaning a loss of productivity, or steal valuable data and demand ransom payments. That is why incorporating cybersecurity into smart buildings is a necessity.
Locking the doors to your smart building network
Deploying a secure by design approach is a must in smart building design. Cybersecurity should be thought about at the beginning of the design, development and deployment process, whether that be for a new build, or the integration of internet-connect systems into a pre-existing infrastructure. The latter point is often when problems arise. Installing new systems into old, insecure networks is just the sort of backdoor that hackers are seeking to exploit.
When deploying new technologies on a network, staff training is another vital undertaking. As the first line-of-defence for many businesses, identifying that malicious email, or knowing what devices should and shouldn’t be connected to a network without the appropriate risk assessments, is a skill that all employees should possess.
These are basic cybersecurity measures that building owners, suppliers and mangers must think about to ensure the security of smart buildings, but this isn’t just a lesson for the future. Many buildings are already smart and are getting smarter. Now is the time to prioritise the cybersecurity of the technologies deployed within buildings to ensure that a hacker doesn’t find a key to your businesses systems, your network, or your data.