Smart Building Cybersecurity from Intelligent Buildings

Overview

There is more to building management system cybersecurity than you think. At the building level, cybersecurity is different than enterprise IT, and traditional technology and practices simply don’t work. There is an area of cybersecurity that IT companies and departments have been unable to tame—the vulnerability, fragmentation, and inconsistency from building systems and contractors.

Please contact us about our Managed Services, and see how we can help you mitigate and assess risk.

Self-Assessment Tool

Servers

90%

of building system servers accessed for personal use

(e.g., email, social media, etc.)

Systems

98%

of organizations have no building system
configuration set up requirements for operators

(e.g., passwords, software updates, etc.)

Backups

85%

of organizations have
inadequate or no building
system backup procedures

DOWNLOAD
Cyber Brochure

DOWNLOAD
Cyber Whitepaper

DOWNLOAD
Cyber Attacks Whitepaper

RANSOMWARE
VIA EMAIL

92 days

to remediate ransomware
due to personal use

ADMINISTRATIVE
MISMANAGEMENT

100 buildings

knocked offline resulting
in 6,000+ manhours

INADEQUATE
BACKUP PLAN

25 floors

unoccupiable for 2 DAYS resulting in $10K
lost rent and 1M HOURS of lost business

DOWNLOAD
Cybersecurity Incident Infographics

FM Achilles Heel

IT Shuts Down FM

Tenant Evacuation

BMS Shutdown

Low Sophistication Hacking

Real Estate Fragmentation Creates Risks Unlike Any Other Industry

100

BUILDINGS

300+

OPERATOR
SERVICE COMPANIES

600+

SILOED BUILDING
CONTROL SYSTEMS

3,000+

TECHNICIANS

To further complicate the problem, traditional IT and IoT companies, solutions, and professionals lack the technical knowledge and cultural awareness of building OT systems.

Many IT firms have attempted to provide Smart Building solutions and services related to controls systems and have failed with the exception of traditional back-office software, such as work order management and asset management, along with some high-level database, data lake and analytics solutions that are generally disconnected from the front-line building systems. As a result, IT companies are virtually non-existent in the building controls OT cybersecurity world.

Categorical Consequences

CRE building controls systems such as HVAC, elevator, lighting, parking, and access control that are not cybersecurity managed create imminent risks for:

LIFE SAFETY
INCIDENTS

PRODUCTIVITY
LOSS

REGULATORY
NON-COMPLIANCE

EQUIPMENT
REPLACEMENT

CORPORATE NETWORK
INFILTRATION

BRAND
DAMAGE

Users that manage these systems include facility employees and vendors and as a result Intelligent Buildings can be seen as providing employee risk management and Vendor Risk Management (VRM).

Solutions

Intelligent Buildings uniquely spans the range of necessary services, including:

Advisory Services

for strategy, commissioning, and policy development

Assessment Services

for cybersecurity
and system risk

Managed Services

focused on monitoring systems and operators

We can help you with several, hundreds or even thousands of sites, depending on your portfolio. This allows you to have confidence that, even with the fragmentation and turnover in the facility environment, there is consistency in operator policy and system set up, profiles, and backup across the entire portfolio. In addition, our cybersecurity systems scans offer a level of asset and life cycle management not possible in traditional approaches, including end-of-life and patching issues.

Overview

Servers

of building system servers accessed for personal use

Systems

of organizations have no building system configuration set up requirements for operators

Backups

of organizations have inadequate or no building system backup procedures

RANSOMWARE VIA EMAIL

to remediate ransomware due to personal use

ADMINISTRATIVE MISMANAGEMENT

knocked offline resultingin 6,000+ manhours

INADEQUATE BACKUP PLAN

unoccupiable for 2 DAYS resulting in $10Klost rent and 1M HOURS of lost business

DOWNLOADCybersecurity Incident Infographics