Cybersecurity

As a real estate executive, you are responsible for cybersecurity risks that go beyond traditional IT and into your building control systems and contractors. This page will provide foundational information, guidance and a path to risk management. 

Since the 1980s, building control systems manufacturers such as Johnson Controls, Honeywell, Siemens, Schneider, Otis, Lutron and others have been designing their operational technology (OT) systems to work on and depend on computer servers, operating systems, protocols, local area networking (LAN) and remote Internet access along with other information technology (IT) attributes.

Read more

However, those responsible for designing, installing and maintaining them for the past 40 years such as architects, engi­neers, contractors, facility managers, property managers, and asset managers have neither IT nor cybersecurity skills. Thus, the systemic risk is that the entire building control systems value chain does not have IT skill sets. Therefore, the size of the risk and the opportunity is immense because this is a legacy building stock problem and not a modern, so-called Smart Building problem.

“…the systemic risk is that the entire building control systems value chain does not have IT skill sets.”

;

DOWNLOAD: Cyber Brochure

;

DOWNLOAD: Cyber Whitepaper

To further complicate the problem, traditional IT and IoT companies, solutions, and professionals lack the technical knowledge and cultural awareness of building OT systems.

[More...]

Many IT firms have attempted to provide Smart Building solutions and services related to controls systems and have failed with the exception of traditional back-office software, such as work order management and asset management, along with some high-level database, data lake and analytics solutions that are generally disconnected from the front-line building systems. As a result, IT companies are virtually non-existent in the building controls OT cybersecurity world.

“…traditional IT and IoT companies, solutions and professionals lack the technical knowledge and cultural awareness of building OT systems.”

CRE building controls systems such as HVAC, elevator, lighting, parking, and access control that are not cybersecurity managed create imminent risks for:

Life Safety

Equipment Replacement

Core-network Intrusion

Business Interruption

Brand Damage

Regulatory/Legal Non-Compliance

Users that manage these systems include facility employees and vendors and as a result Intelligent Buildings can be seen as providing employee risk management and Vendor Risk Management (VRM)*.

“…Intelligent Buildings provides employee risk management and Vendor Risk Management (VRM)…”

Solutions

Intelligent Buildings uniquely spans the range of necessary services including:

I

Consulting for strategy and policy development

I

Site assessments and new project commissioning

I

Ongoing compliance monitoring of systems and contractors

We can help you with several, hundreds or even thousands of sites depending on your portfolio. This allows you to have confidence that even with the fragmentation and turnover in the facility environment there is consistency in vendor policy and system set up, profiles, and backup across the entire portfolio. In addition, our cybersecurity systems scans offer a level of asset and lifecycle management not possible in traditional approaches including end-of-life and patching issues.

Map Graphic