True Analytics™ - Energy Savings, Comfort, and Operational Efficiency
| October is Cyber Security Awareness Month
Perhaps the most enduring lesson we can learn is not to wait for when it happens, but be ready for when it does.
Chief Communications Officer,
Vice President, Marketing
we are reminded of the many national days that have been created to
acknowledge this or that. Whether they are important ones such as
our country’s national holidays like Labor Day, Presidents Day,
Independence Day, Memorial Day, etc. or whimsical national days and
even month’s that recognize such things as National Pie Day, National
Ampersand Day (yes, true), National Beer Lovers Day or American Cheese
Month, we are constantly reminded.
one “national thing month” that gets overlooked because it is usually
considered an “after-thought or it won’t happen to us” mentality, is
cyber security. October is National Cyber Security Awareness Month.
Sponsored by the Department of Homeland Security, National Cyber Security Awareness month is a reminder to us all to practice vigilance and utilize cyber protection measures both within our business environments as well as our personal ones.
When we talk about cyber security these days it often focuses on technology. As with many things, there are multiple sides that should be discussed. With cyber security, it's an issue that goes well beyond the technology. There is a business side that should be part of the discussion. From a business perspective, the negative consequences that cyber incidents can cause are disruptive and potentially catastrophic. The value of taking additional measures and procedures to increase the cyber security posture of your systems, far outweigh the risk of not making them secure.
security professionals used to warn that only two types of businesses
exist: those that have been hacked, and those that will. Now, many
divide the world’s businesses into two types--ones that know that they
have been hacked, and those that don’t.
was recently asked, while we’ve talked about cyber security for some
time now, when it comes to buildings and the systems that run them, do
you think we are embracing and practicing good cyber posture and
practices? My answer, cyber security continues to be the biggest issue
facing our industry. While some have and are taking it seriously, there
are many more who are not and nor is it part of their conversation.
example, according to Censys, a search engine that allows you to ask
questions about the devices and networks that compose the Internet, in
the United States, as of July 21, 2017 there was 4,672,221 exposed
building control devices; in the world, there were 12,395,101 exposed
building control devices.
am also reminded of a story I heard. After a cyber incident occurred at
a company (Name purposely not mentioned), it was reported that one of
the IT folks had complained to management about the issues leading up
to the breach and was told, 'listen, we sell hammers here,' or
something to that effect; we're not going to spend money on cyber
because it’s not a core function. Our core function is to sell hammers.
My thought, how many hammers must be sold to pay for the cost of stupidity?
it is unlikely that every company has experienced a cyber incident
(whether known or unknown), no business is immune. Just ask some of the
leading companies in the world: Fedex, Maersk, Mondelez, and Merck, all
of which have missed 2017 earnings projections because of cyber related
incidents. The assault on Merck was so crippling that it was forced to
halt production of its key drug lines, a disruption likely to undercut
profits for the rest of the year.
incidents have become the 3rd largest risk to businesses worldwide
according to a recent report from the Insurance Information Institute.
So, what are the business issues we need to be concerned with?
|Assessments and Ratings||Liability|
|Operational Shut Down
||$1.3M (Average Cost of a Cyper Incident)
In the wake of the number of cyber instances that continue to make the nightly news and the many, many more that don’t, take time to examine the cyber security posture of the systems and devices managing and operating your buildings. Ask yourself and the people who manage and operate them:
security is a business issue and not just a technical one. Effective
security must go beyond technology to encompass business strategy and
practice. The first and last line of good cyber practices is to have
strong corporate value systems and governance standards. Perhaps the
most enduring lesson we can learn is not to wait for when it happens,
but be ready for when it does. The operational, financial and
reputational impacts to a business are tremendous.
At the end of the day, cyber security comes down to two things, RISK-how much are you willing to take and COST-how much will failing to be cyber secure cost you?
Happy National Cyber Security Awareness Month.
[Click Banner To Learn More]
[Home Page] [The Automator] [About] [Subscribe ] [Contact Us]