There is more to building management system cybersecurity than you think. At the building level, cybersecurity is different than enterprise IT, and traditional technology and practices simply don’t work. There is an area of cybersecurity that IT companies and departments have been unable to tame—the vulnerability, fragmentation, and inconsistency from building systems and contractors.
Please contact us about our Managed Services, and see how we can help you mitigate and assess risk.
of building system servers accessed for personal use
(e.g., email, social media, etc.)
of organizations have no building system
configuration set up requirements for operators
(e.g., passwords, software updates, etc.)
of organizations have
inadequate or no building
system backup procedures
to remediate ransomware
due to personal use
knocked offline resulting
in 6,000+ manhours
unoccupiable for 2 DAYS resulting in $10K
lost rent and 1M HOURS of lost business
Cybersecurity Incident Infographics
FM Achilles Heel
IT Shuts Down FM
Low Sophistication Hacking
Many IT firms have attempted to provide Smart Building solutions and services related to controls systems and have failed with the exception of traditional back-office software, such as work order management and asset management, along with some high-level database, data lake and analytics solutions that are generally disconnected from the front-line building systems. As a result, IT companies are virtually non-existent in the building controls OT cybersecurity world.
CRE building controls systems such as HVAC, elevator, lighting, parking, and access control that are not cybersecurity managed create imminent risks for:
Users that manage these systems include facility employees and vendors and as a result Intelligent Buildings can be seen as providing employee risk management and Vendor Risk Management (VRM).
Intelligent Buildings uniquely spans the range of necessary services, including:
for strategy, commissioning, and policy development
and system risk