October Is National Cyber Security Awareness Month Security must be considered a fundamental requirement for all our building and energy management systems.

Marc Petock, Vice President, Marketing Lynxspring & Connexx Energy Contributing Editor

We all know we live in a world that is more connected than ever before and that our systems and equipment that run our buildings are no exception. Networked building management systems bring many benefits but can expose organizations to cyber security issues.

Recognizing the importance of cyber security, October has been designated National Cyber Security Awareness Month. As a reminder, I thought I would provide links to  previous articles on the subject I did for automatedbuildings.com:

While a lot has happened since last year’s national cyber security awareness month, a few things have stood out for me:

Exposed Devices

Shodan is still showing us that there are still huge numbers of devices and systems openly exposed.

New Cyber Security Rulings and Legal Ramifications

Companies that fail to protect user data can now feel the wrath of the Federal Trades Commission (FTC).A panel of judges for the Third U.S. Circuit Court of Appeals unanimously recently ruled the FTC have the legal right to sue companies that fail to protect their customers’ data with proper cyber security measures.

The Securities and Exchange Commission pursued a company that allegedly failed to properly protect its clients’ data in what might be a first-of-its-kind enforcement action. Officials accused the firm of having no written policies for safeguarding customer information and data. The SEC said, the company did not conduct regular security risk assessments, encrypt sensitive client data or install a firewall, a common security measure that controls incoming and outgoing network traffic. And there are more on the way.

Cyber Instances Continue to Increase

Despite all the activity regarding cyber security, the number of cyber related instances continue to increase and not decrease. And the increases are significant.

Take this month and look at how your organization is doing relative cyber security? What is your plan? What are you doing? What should you be doing? Take time to examine the cyber security of the systems and devices managing and operating buildings.  Ask yourself and the people who manage and operate them:

• Are we secure?
• How do we know we’re not compromised today?
  
• How would we know?
  
• What would we do about it if we were?
  
• Are we prepared to face the threat?
• Do we have a cyber security statement?
  
• How about the companies in our supply chain? Do they?

Owners, operators and facility managers, secure your installations using best practices. Don’t overlook the security of your supply chain providers; demand and insist on protection from cyber threats. Verify that the third party is protecting your systems and access to them adequately.

[an error occurred while processing this directive]Integrators and contractors examine and review your security practices within your organization and how it relates to your customers. Also take the time to review all of your deployments and the security of these installations to ensure the systems and networked devices are properly protected.

Technology providers incorporate security features and functions into your solutions and educate users on secure practices with your technology.

Cyber security is a business issue and the cyber protection of building automation systems plays in the operation of our businesses. The operational, financial and reputational impact to a business is tremendous and it's on all of us to make cyber security a business case. Cyber security can no longer be thought of as a “nice to have.”  Security must be considered a fundamental requirement for all our building and energy management systems.

[an error occurred while processing this directive]
[Click Banner To Learn More]

[Home Page]  [The Automator]  [About]  [Subscribe ]  [Contact Us]