Three ways you can verify and protect your building services from cyber threats
Building services' systems and networks have reached a stage of ICT convergence where there is no longer the option to set and forget your infrastructure for 15 years. “Those days are gone”, suggests Wayne Gass, a Senior Security Consultant with 10 years of experience at Jacobs.
Wayne has witnessed first-hand the evolution of building systems from analogue standalone platforms to fully integrated smart IP systems and is fully aware of the cyber security implications associated with these interconnected systems.
He warns, “Converged services infrastructure should be fully monitored and managed. This includes ensuring that the latest firmware, software patching and antivirus applications are implemented and that there is a robust disaster recovery back-up solution in place. Monitoring the hardware and software status of all workstation, network and server equipment is vital to assist operators in identifying and rectifying failures before they lead to a significant outage.”
A breach can leave building owners and engineers facing reputation damage, not only with current tenants but potentially prospective tenants too. Data breach laws have hefty financial implications and cyber-attacks can leave building owners and tenants with sub performing building systems.
For the most part, effective cyber security threat mitigation is simply good housekeeping and keeping systems up to date with the latest security patches that fix a known exploit.
Wayne suggests three ways to verify a building’s cyber security:
- A penetration test, though this can be cost prohibitive.
- More simply, being smart about what we ask for as end users and consultants - specify configuration outputs from the switch, firewall, server and PC infrastructure and;
- Running configurations through a simulator to validate system security.
Presenting at the 2018 CIBSE Seminar Series – The Anatomy of the Smart Building, Wayne will further explore cyber security treatments for smart facilities. This will include the management of building system servers, workstations and networks by a certified and accredited ICT professional and suggestions for available software to best monitor and protect physical and virtual infrastructure. He will share best practice cyber security policies and explore next generation firewall systems. In addition, Wayne will utilise a current smart facility project as a case study that has taken cyber security to the Nth degree.
Wayne is one of seven eminent speakers presenting at the CIBSE ANZ Seminar Series – The Anatomy of the Smart Building who can help you to navigate the issues around assessment and integration of smart technologies. This series is taking place in Perth, Melbourne, Sydney and Auckland 15 - 25 October 2018. For a limited time, you can book and take advantage of early bird savings.