Modern commercial buildings use integrated processes designed to manage and self-regulate the building’s environment and operations for the convenience of occupants and for the lowest cost and environmental impact. Smart building systems help businesses achieve these goals.
Modern offices and operational buildings (manufacturing etc.) are becoming increasingly data driven and typically have the following Smart building technology systems in place:
- Building management systems
- Energy management systems (HVAC)
- WiFi networks
- Security systems (including CCTV & physical access control)
- Smart lighting
- Digital signage
- Occupancy monitoring
- Air quality monitoring
These systems may be controlled and monitored onsite, remotely and sometimes by 3rd party organisations. While improvements in functionality, energy cost savings and ease of use have been driving developments in these systems, security has not commonly been a primary concern.
Furthermore, how these systems are operated and accessed, and by whom, may be below the radar of internal IT and security teams, as in many cases the procurement and management of these systems falls outside of their remit.
BH Consulting can help in different ways, however we tend to start most engagements with a standards based ‘Smart Building Cybersecurity Risk Assessment’ in line with ISA/IEC 62443 and ISO 27001.
The aim of this assessment is to provide an objective review of current smart building cybersecurity posture, measured against internationally recognised standards and best practice.
The output of this assessment will be a report of findings and recommendations that will leave your organisation with an improved understanding of what threats and risks exist in the management of systems that control your Smart Building, and how to remedy them.
The Assessment will cover a wide range of security areas and functions such as:
- System security requirements and security levels
- Security technologies in use for industrial automation and control systems
- Secure product development lifecycle
- User access and authorisation management
- Cloud security
- Set Minimum cybersecurity requirements for your Smart Building
- Enable an integrated view of security threats and identify risks previously unexplore
- Identify potential security weaknesses among key 3rd party providers
- Be better prepared to prevent, mitigate and respond to threats