Cybersecurity has become a significant consideration for businesses of all sizes in the past two decades. As operations and systems have gradually transitioned online, so too have the risks.
As risks diminish in a physical sense with improved security and safety measures, cybersecurity is the new battleground for businesses to face – and failing to do so can have serious repercussions. Just as digital business systems and networks are becoming more vulnerable to cyber attacks, the smart and connected buildings that many operate in are facing a similar threat. In this article, we discuss the main cybersecurity risks associated with smart and connected commercial buildings.
Connected system vulnerabilities
Smart buildings are increasingly coming with connected and largely automated systems. Climate control, lighting, ventilation, security and other elements of commercial spaces can be connected through a central hub that manages the whole system. While this does wonders for automation, efficiency and maintenance, it can cause system vulnerability and more opportunities for hackers.
Each operational system, which would have been isolated in times gone by, is now a potential access point into the entire digital infrastructure and, therefore, a vulnerability if adequate cybersecurity measures aren’t in place. This is cause for concern because one weak point in a building’s digital network could open the door for an attack that impacts the whole building and puts the people and data inside at risk. Certain isolated hardware is still necessary to mitigate certain safety risks and protect people, such as basic emergency exit hardware that can still be activated when it’s needed most.
IoT devices
Connected buildings typically rely on IoT devices to collect data, communicate and manage systems. On a similar note to the previous section, each of these IoT devices is a possible weakness in the building’s digital infrastructure. IoT devices are notoriously susceptible to cyber threats, largely because the data communicated between them can be intercepted. Such devices in commercial buildings, whether they be alarm sensors, security cameras or card readers, must be managed and maintained regularly through software updates and physical inspections.
Human error
With all the advancements in smart buildings, there is still a human factor that must be accounted for. After all, these buildings are used by people and the way they interact with the building has a significant role to play in security. Much like leaving the office door unlocked in traditional commercial buildings would leave the whole facility vulnerable, people can effectively do the same from a digital perspective.
Data security is a critical factor in any workplace and people can be targeted through phishing emails and malware attacks without even realising it. Data breaches, loss of access cards and many other mistakes are mostly human errors and these can compromise the security of smart buildings entirely.
Knowledge and skillset of facility managers
These upgraded elements in smart buildings are all well and good, but if the person or team responsible for managing such systems isn’t properly equipped to do so then this may be a significant risk. Appropriate upskilling or retraining of facilities managers should be a fundamental part of the process and some even hire the expertise of cybersecurity experts to assist with these areas. Cybersecurity can be complex and issues are often hard to detect for the untrained eye. Therefore, smart buildings require more highly skilled security personnel to ensure that the whole system is protected.
These are some of the main cybersecurity issues associated with smart and connected buildings. Such facilities are more common with each passing year and are surely going to dominate the commercial space well into the future, so cybersecurity concerns need to be addressed and prioritised to protect buildings, people and data.
