Networked devices increase cyber risks for building systems

Issue 5 2022 News

Companies face an increasing but under-recognised threat from cyberattacks on building systems, and facilities managers need to act now with IT professionals to address the issue, independent research and advisory firm Verdantix is warning.

It highlights how a sharp rise in the number of connected devices across building systems mean that the operational technology (OT) used to run facilities creates a growing risk of cyberattack. Connected OT networks are converging with their IT counterparts, blurring traditional lines of responsibility for cybersecurity, just as ageing building systems require replacement and the number of attacks rises.

Without sufficient security controls, Verdantix warns that these systems are introducing significant new risks and more entry points for cybercriminals to exploit. The past five years have seen a massive explosion of Internet of Things (IoT) sensors and smart devices deployed, with firms frequently selecting these smart devices based on cost and functionality, resulting in facilities having many devices with poor built-in cybersecurity controls.

Verdantix’s ‘Best Practices: Enhancing Your Smart Building Cyber Security Programme’ found that firms are not aware of the full extent of their risk exposure from their OT, as they often do not keep registers of connected devices, or the level of cybersecurity protection provided.

Compiled after interviews with experts from the cybersecurity, IT and building technology sectors, the report shows how companies can adapt. Its publication comes as more connected devices via the IoT transform the landscape, but just 32% of firms evaluate IoT security risks as part of the onboarding process for third parties, and just 54% run penetration tests on their IoT devices.

Rodolphe D’Arjuzon, global head of research at Verdantix, said: “The first step for rebooting a smart building cybersecurity strategy is defining clear responsibilities and embedding cyber management into facilities operations across procurement, technology management and staff training.

“Facilities managers should not develop a siloed cyber programme on their own, but rather partner with their IT and security peers to integrate cybersecurity into different building management processes.”


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Cyber resilience is more than cybersecurity
Technews Publishing Cyber Security Integrated Solutions IT infrastructure
Hi-Tech Security Solutions held a round-table discussion focusing on cyber resilience and found that while the resilience discipline includes cybersecurity, it also goes much further.

Johnny Aucamp joins iPulse exco
Johnny Aucamp has joined iPulse Systems as its chief sales officer (CSO), adding a massive boost to the executive team.

From the editor's desk: Security and resilience
Technews Publishing News
It’s often said that South Africans are a resilient bunch, and history has proven this correct. When it comes to security, both cyber and physical, resilience is key to an effective defensive plan. ...

Hikvision aims for solutions
Technews Publishing Hikvision South Africa Editor's Choice CCTV, Surveillance & Remote Monitoring News Integrated Solutions Conferences & Events
Hikvision recently held a roadshow titled Industry X, where the company highlighted its latest products and solutions, supported by partners and distributors.

Olarm launches Pro 4G communicator
Olarm News Perimeter Security, Alarms & Intruder Detection Products
Olarm has announced an additional 4G/LTE version of its Olarm Pro smart communicator. It is aimed at areas suffering from poor connectivity by providing support for 4G, 2G and Wi-Fi networks.

ADI Expo returns to South Africa
Technews Publishing ADI Global Distribution News
September saw the return of the ADI Expo to South Africa. The Johannesburg event was held at the Focus Rooms and the Durban event, two days later, at the Southern Sun Elangeni & Maharani.

Technoswitch Awards dinner for 2022
Technews Publishing News Fire & Safety
Technoswitch hosted its fifth awards dinner at Montecasino in September, where customers and suppliers celebrated a year of success.

Suprema joins FiRa Consortium
Suprema News Access Control & Identity Management
Suprema recently became a member of the FiRa Consortium, a consultative body that establishes standards for ultra-wideband (UWB) technology, the next generation of wireless communication.

Reliable, low-maintenance video appliances
Technews Publishing Editor's Choice CCTV, Surveillance & Remote Monitoring News IT infrastructure Products
Symetrix, part of the Agera Group, has added the AES range of video recording servers, storage appliances and workstations to its portfolio.

ZYTEQ Fire Engineering Summit 2022
ZYTEQ Fire Fire & Safety News
Cape Town-based ZYTEQ Fire hosted its inaugural Engineering Summit at the Commodore Hotel in Cape Town and the Leonardo Hotel in Sandton, Johannesburg.