October 2014
Article
AutomatedBuildings.com

Innovations in Comfort, Efficiency, and Safety Solutions.
Belimo

(Click Message to Learn More)


October is Cybersecurity Awareness Month

October 1st marks the beginning of the 11th annual Cybersecurity Awareness Month. Yes this is the 11th year.

Marc Petock


Marc Petock,

Vice President, Marketing
Lynxspring &
Connexx Energy
Articles
Interviews
Releases
New Products
Reviews
Blue Ridge Technologies
Editorial
Events
Sponsors
Site Search
Newsletters
Cube
Archives
Past Issues
Home
Editors
eDucation
Belimo
Training
Links
Software
Subscribe
Distech Controls

How many organizations still treat cybersecurity as they did 11 years ago? How about five years ago? Or even as a year ago? Shockingly, most companies are still relying on outdated, only partially effective methods.

While buildings are smarter and more connected than ever before, when it comes to cybersecurity, they are stuck in the 1980s.Today’s connected business world means there are thousands of entry points in and out of companies. It is impossible to miss the continued headlines on the latest breaches and cyberattacks. We have witnessed that BMS and EMS technology have weaknesses, such as inadequate password protection, software that can be breached and various unmonitored/unprotected access points within the network. Cyberattacks today are more sophisticated and targeted than ever before.The truth is that network security and the security of devices and systems do not work as well as we thought.

Cybersecurity protection and defense prevention for building automation systems and the operational technology that operate and manage our facilities is now a necessity and should not be treated differently than an IT network when it comes to cybersecurity. Just like an IT network, building automation networks should have multiple layers of defense and protection as well as policies and procedures that are continuously addressed. In fact, cybersecurity should be an integral part of the design of intelligent buildings and today’s building automation system and not an afterthought; it has gone from a nice-to-have to a must-have.

When it comes to cybersecurity, there are three types of companies (a) those that have been hacked and admit it, (b) those that have been hacked and don't admit it, and (c) those that will soon be hacked.

As part of Cybersecurity Awareness Month, take time to examine the cybersecurity posture of the systems and devices managing and operating your buildings.  Ask yourself and the people who manage and operate them:

As you do keep the following in mind:

Cybersecurity is a shared responsibility among technology providers, integrators/contractors, building owners and operators. Enlist facility personnel, building owners and IT and get them to understand the business risks associated with insufficient cybersecurity practices and weak postures.

Reliable Controls Owners, operators and facility management don’t overlook the security of your supply chain providers.  Cyberattacks can come through third parties and a breach in one partner’s environment can easily propagate across today’s connected systems. When it comes to your supply chain, exercise due diligence before engaging with third party providers; include appropriate cyberprotection in contracts with technology service providers; take adequate measures to verify that the third party is protecting your systems and access to them adequately. Contracts with vendors should address cybersecurity by including an obligation to maintain reasonable cybersecurity, and provide notice when the vendor has a breach of their systems.

As part of the value chain, integrators and contractors examine and review your security practices within your organization and how it relates to your customers. Also take the time to review all of your deployments and the security of these installations to ensure the systems and networked devices are properly protected. Integrate a cybersecurity strategy for the systems and secure remote access to them with additional layers of defenses into all new deployments.

Cyberthreats against the building environment are real. There's no issue that has become more important, that's less understood, than cybersecurity in buildings and facilities. Our building networks and systems are not immune to cyberissues. The best way to approach cyberthreats is to realize one simple truth; it is not if an attack will happen; it is only when. It is all of our responsibility to take an active role. Stay ahead of the curve.


About the Author

Marc Petock is Vice President, Marketing at Lynxspring and Connexx Energy where he leads corporate and product marketing strategy and execution, brand management, public relations and communications to support both companies strategic and growth initiatives. Marc is a contributing author, noted speaker and recognized industry leader having earned Realcomm’s “Top 35 People to Watch” for the last seven years in a row, Who’s Who in M2M, a Digital Impact Award and several other industry accolades. Marc also serves on the board of directors of Connexx Energy and Project Haystack and is an advisor to Realcomm.

Lynxspring along with Netop recently launched LYNX CyberPRO, the industry’s first cyber-threat protection solution designed specifically to enhance the protection of commercial building automation and energy management systems. For more information visit www.lynxcyberpro.com.

footer

Alerton
[Click Banner To Learn More]

[Home Page]  [The Automator]  [About]  [Subscribe ]  [Contact Us]

Events

Want Ads

Our Sponsors

Resources