Was your commercial or government building built in the past 25 years or so? Houston, we may have a problem. Your temperature control, lifts, lighting, and critical infrastructure systems may be lacking in Cybersecurity, therefore open to attack.
It’s not just smart buildings that are networked up with Cybersecurity – any building built in the past 25 years or so uses networks to control various physical infrastructure, which also may be connected to your corporate networks.
Do you see the problem here?
Would you let your A/C contractor help set up your corporate IT network? Would that comply with your cybersecurity policies? Do they even know anything about keeping these networks safe? Sounds very unlikely.
These types of contractors aren’t trained in cybersecurity. That’s not their job. They install the infrastructure, link it up, make sure it works as expected, and are on their way until a maintenance issue arises.
There are so many points of failure here from a cybersecurity perspective that it should cause your execs to break out in a sweat just thinking about it.
What are the implications for insecure building infrastructure systems?
Insecure building infrastructure systems leave you open to hacking attempts on these systems.
Someone who’s hacking for fun might just find a way in to set off your fire safety systems and get a giggle out of thinking about everyone freaking out. A sophisticated hacker may have more malicious reasons for an attack.
Think about the implications here for a second:
- Taking a hit to productivity dealing with the issue
- Brand damage when the word gets out about the incident
- Potential equipment damage and replacement costs
- Threat to employee safety
- Sophisticated hackers finding a way in to the corporate network – and all your data
What can you do about insecure building infrastructure systems?
If you are the sole tenant or owner of the building, then you have full control of where to go from here – and we’ll get to that in a minute.
If you are the co-tenant in a building with others, or part of a strata, it’s time to set a time for a meeting with all the other owners/tenants of the building about this overlooked cyber risk. Come armed with this article!
The next step is to do a complete evaluation on the current state of your building infrastructure and associated risk/weak points. This will involve:
- Complete map and components of current networked building infrastructure
- Contractors who take care of your systems
- Each system and manufacturer (think about the current thoughts about Huawei infrastructure and security risks)
- Connections/firewalls/etc. between building infrastructure systems and corporate systems
This will all require a professional cybersecurity infrastructure evaluation.
A1 Technologies is experienced in evaluating commercial and government buildings to grade infrastructure, highlight weak points, make recommendations for changes, help implement new security plans, and provide ongoing support, including advisory about, and configuration of, any new systems (and contractors) you’re thinking about putting in.
How about new buildings?
New buildings aren’t safe either – even with a solid building systems infrastructure security plan in place, they could be compromised before you’ve even built them! In 2013 it was discovered that Chinese hackers had discovered the blueprints for Australia’s new $630m ASIO building. Ouch.
Planning safely is critical! The more interesting your data is to outside actors, the greater risk to your business, and the more careful you need to be with cybersecurity, including building and building systems security.
Manage your building risk before it comes around to bite you
Partner with A1 Technologies to effectively manage your building infrastructure systems cybersecurity, including mitigation plans for backup and disaster recovery should an incident occur. Don’t leave yourself open to attack, and make sure you’re prepared should something unexpected happen!
Subscribe to our newsletter
Enter your email and stay in touch with the latest updates from A1.
You might also like…
- When you’re thinking about converting your legacy systems to G Suite or Office 365, one of the most important bullet points on your...
- Microsoft released Office 365 in 2011, originally titled Microsoft Business Productivity Online Suite or “BPOS”. This adaption forever changed the way businesses could...
- It’s time for another round up of the latest and greatest in AWS, and how new and improved services from the world’s most...