Tweet

June 2020
Interview

AutomatedBuildings.com

[an error occurred while processing this directive]
(Click Message to Learn More)



 

Steve Fey

EMAIL INTERVIEWSteve Fey & Ken Sinclair

Steve Fey, CEO, Totem Buildings

 Industry expert in building controls, career entrepreneur, CEO of Tridium during its growth phase, and recently President of Proxios, a Richmond-based IT-as-a-Service provider.  Steve holds a B.S. from Cornell University in Electrical Engineering.


Platform for Assessing and Managing Cybersecurity Risks

What was needed was a scalable, software solution and a software-experienced leadership team.              


Articles
Interviews
Releases
New Products
Reviews
[an error occurred while processing this directive]
Editorial
Events
Sponsors
Site Search
Newsletters
[an error occurred while processing this directive]
Archives
Past Issues
Home
Editors
eDucation
[an error occurred while processing this directive]
Training
Links
Software
Subscribe
[an error occurred while processing this directive]

Sinclair:  What is Totem Buildings?

Fey:  Totem Buildings has developed the industry’s first software platform for assessing and managing the cybersecurity risks associated with all types of operational technology systems in the non-residential buildings market.  And most importantly, all from a single dashboard or on a mobile app.

As a result of the COVID-19 pandemic, we have responded to public health concerns by including a contractor health-risk screen that is quick and convenient and provides a "boarding pass” approach for contractors to enter and service buildings while also providing rollup reporting to building managers and executives. 

Sinclair:  How did Totem get started?

Fey:  The Founders of Totem Buildings are Rob Murchison and Tom Shircliff of Intelligent Buildings.  Since 2004, Intelligent Buildings has provided consulting and services to the largest real estate owners in the world including federal governments in the US, Canada and Singapore, dozens of Fortune 500 companies, REITs, large military bases and higher education.  Approximately four years ago, their consulting practice expanded to include OT cybersecurity assessments.

It quickly became apparent that the entire OT industry was unprepared to deal with the multitude of cybersecurity threats.  Building owners were quietly experiencing industry losses through ransomware, downtime, unnecessary service calls and rising cost structure. However, consulting is not a scalable solution given the breadth and depth of the problem – what was needed was a scalable, software solution and a software-experienced leadership team.

Rob and Tom connected with me in the summer of 2018, and in January 2019 we launched Totem Buildings.  Many of your readers may remember me from my time at Tridium, where I led the company from 2006 to 2012, before leaving to run an IT Managed Services company in Richmond, Virginia.

Sinclair:  How pervasive are cybersecurity threats to our industry?

Fey:  Two recent studies from last year underline the problem.  According to
Kaspersky, one of the leading providers of anti-virus software, 37.8% of smart building automation systems were affected by malicious cyber-attacks in the first half of 2019.  Harvard Research released a study showing that 60% of attacks on publicly traded companies were traced to IT systems from suppliers and third parties such as contractors.  This is precisely what happened to Target stores because of stolen user credentials from an HVAC contractor.

Sinclair:  How does the Totem platform manage cybersecurity risk?

Fey:  The first thing to understand about managing cybersecurity risk is that it is a process challenge.  Cyber threats are continuously changing as cybercriminals identify vulnerabilities and quickly develop means to exploit them.  The OT industry is particularly vulnerable when compared to IT (Information Technology) because the focus of our industry has always been on operational functionality, not the security of the system itself.  As a result, so many of the installed systems have obvious vulnerabilities including public facing IP addresses, manufacturer default passwords that have not been changed or removed, unencrypted network communications and inadequate backups.  The Totem platform is used by automation contractors and building owners to identify these vulnerabilities through a combination of audits and real time monitoring.  Totem has also developed standard security policies and procedures to follow when designing and managing control systems.  We refer to systems that have been installed according to this standard as Totem TrustedTM.

Sinclair:  How does Totem Buildings go to market?

Fey:  Totem is marketing on a worldwide basis through Totem TrustedTM Partners.  These companies include automation distributors, Master System Integrators, and OT Managed Service providers.  Through the Totem platform, our objective is to provide the same companies that are installing and supporting control systems today with the knowledge and tools to secure these systems for their customers.  As I mentioned previously, managing cybersecurity risk is a process challenge.  For Totem TrustedTM Partners, the Totem software forms the basis of a subscription-based, managed service that our partners provide to their customers after the system has been installed.  Systems that go unmanaged may start out as secure, but will quickly degrade if attention is not paid to all of the risk areas on a continuous basis.

[an error occurred while processing this directive]Sinclair:  How has Totem Buildings adjusted to the COVID-19 pandemic? 

Fey:  As mentioned earlier, we’ve just released a highly flexible, health risk survey that can be used to manage contractor personnel and building occupants before being cleared to enter a building.  The survey tool is available for the next 90 days at no charge.  This is a great way for building owners to raise everyone’s confidence in returning to work.  Also, we are also offering a special sign-up package for new Totem TrustedTM Partners that delays our normal sign-up fees for 90 days.  As part of the package, we have moved our certification training class on-line and the price lowered to $100 per student.

Sinclair:  How do I learn more about Totem Buildings?

Fey:  Our web site is www.totembuildings.com.  I can be reached at Steve.fey@totembuildings.com.  We are actively recruiting partners at this time, so please contact me if you are interested in learning more.


More about Steve in this article Working Remotely - the New Norm! Published on March 21, 2020


footer

[an error occurred while processing this directive]
[Click Banner To Learn More]

[Home Page]  [The Automator]  [About]  [Subscribe ]  [Contact Us]

Events

Want Ads

Our Sponsors

Resources