Protecting the house

Cybersecurity solutions extended to protect the rise of smart buildings and IoT technology

By Annick Villeneuve

No industry is immune to cyberattacks. Hackers are gaining access to infrastructure across every industry, as illustrated by the 2021 Colonial Pipeline attack, which took down the largest fuel pipeline in the US.

More than a year has passed since the incident, which led President Joe Biden to sign Executive Order 14028, providing initiatives to improve US cybersecurity defenses for infrastructure and reinforcing the urgency for organizations to implement a cybersecurity strategy. Despite these ongoing efforts to improve cybersecurity protection, as of 2022, 50% of organizations have yet to put a cybersecurity risk plan into place, and cyberattacks continue to intensify globally.

Smart Buildings the Next Target for Cyberattacks

One industry specifically at risk is the smart building market, due to the increasing adoption of building IoT devices, the convergence of IT and OT networks, and the use of cloud-based management and analytics systems. In fact, building IoT technology is expected to grow from an existing 1.7 billion connected devices to over 3 billion by 2025. Meanwhile, studies have shown that 57% of IoT devices are vulnerable to high-severity attacks.

Globally, buildings account for nearly 40% of CO2 emissions, making them a prime target for sustainability initiatives to tackle head-on. The ambition to decarbonize buildings can also expand beyond the reduction of CO2 emissions; it can be combined with advanced building controls, IoT devices, distributed energy resources (DERs) and Building Management Systems (BMS) to lower GHG emissions. Buildings are receiving unprecedented investment in smart technology because it allows operators to visualize key data points within the building’s systems, which enhances productivity and saves time and money.

With the increase in integrated IoT-connected smart technology, buildings are more vulnerable to cyberattacks than before. For a building to be truly sustainable, organizations should take the appropriate steps to protect their digital infrastructure, so that building data is protected, operations are kept intact and the decarbonization process remains consistent.

Through this, the increasing demand for smart building technologies is requiring building operators to invest in security measures that protect the safety of their occupants while also maintaining operational continuity and protecting the assets and investments of their shareholders. To achieve holistic protection across the infrastructure, organizations should establish a key link across the business between investments in cybersecurity solutions that protect Building Management Systems (BMS) and the vast number of data points in the latest IoT infrastructures.

Enhancing Cyber Protection of Building Managing Systems

Organizations should understand that implementing cybersecurity technologies and solutions is a marathon, not a sprint. For impactful results, develop a comprehensive cybersecurity strategy, starting by addressing the dynamic cyber threat landscape with a company-wide, end-to-end, risk-informed framework. First, organizations should conduct a formal assessment to reveal onsite threats, risks, and vulnerabilities. Then a governance structure should be established to oversee the strategy implementation; following local regulations and using established, industry-recognized frameworks to conform to cybersecurity standards such as IEC 62443 is a key success factor in that discipline. Second, organizations should verify that building networks respect a “secure-by-design” approach that provides an IoT-enabled architecture. This begins with physically separating networks dedicated to different purposes in the building management system and protecting the perimeter of each network with firewalls that control the flow of information into and out of the network. This way, if a breach does occur, the damage can be contained to just that specific system or device. Lastly, implementing automated technology allows organizations to continuously monitor cyber threats, helping them respond faster and more effectively to real-time issues. For example, OT-specific firewalls are software tools with embedded knowledge of building system protocols and can perform deep packet inspection to filter traffic at the protocol operational code and data element levels. These firewalls and software monitoring tools go a long way toward minimizing building-related cybersecurity risks.
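A sketch of the operational-code and data-element filtering described above, added here as an illustration and not taken from the article or any vendor's product. It assumes Modbus/TCP as the building protocol (the article names none); the register ranges in POLICY and the helper names are hypothetical.

```python
import struct

# Hypothetical allowlist: Modbus function code -> permitted register range (inclusive).
POLICY = {
    0x03: (0, 199),    # Read Holding Registers
    0x04: (0, 199),    # Read Input Registers
    0x06: (100, 109),  # Write Single Register: setpoints only
    0x10: (100, 109),  # Write Multiple Registers: setpoints only
}

def build(func, payload, unit=1, tid=1):
    """Build a constructed Modbus/TCP request (MBAP header + PDU) for the samples."""
    pdu = bytes([func]) + payload
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu

def inspect(frame):
    """Return (verdict, reason) for one Modbus/TCP request frame."""
    if len(frame) < 8:
        return ("drop", "truncated frame")
    _tid, proto, length, _unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0 or length != len(frame) - 6:
        return ("drop", "malformed MBAP header")
    func = frame[7]
    if func not in POLICY:  # operational-code level
        return ("drop", f"function 0x{func:02x} not allowlisted")
    if len(frame) < 12:
        return ("drop", "PDU too short")
    addr, second = struct.unpack(">HH", frame[8:12])
    count = 1 if func == 0x06 else second  # 0x06 carries a value, not a quantity
    if count < 1:
        return ("drop", "zero quantity")
    if func == 0x10 and (len(frame) != 13 + 2 * count or frame[12] != 2 * count):
        return ("drop", "byte count does not match quantity")
    low, high = POLICY[func]
    if addr < low or addr + count - 1 > high:  # data-element level
        return ("drop", f"registers {addr}-{addr + count - 1} outside {low}-{high}")
    return ("allow", "ok")

# Constructed sample requests, not captured traffic.
SAMPLES = {
    "read sensors 0-9": build(0x03, struct.pack(">HH", 0, 10)),
    "write setpoint 105": build(0x06, struct.pack(">HH", 105, 215)),
    "write register 5": build(0x06, struct.pack(">HH", 5, 1)),
    "write 108-111": build(0x10, struct.pack(">HHB", 108, 4, 8) + bytes(8)),
    "diagnostics 0x08": build(0x08, bytes(4)),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(f"{name:20} {inspect(frame)}")
```

The default-deny shape matters here: any function code missing from the allowlist is dropped, and a write is rejected when any register it touches falls outside the permitted range, even if its starting address is inside it.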

Safeguarding IoT usage

The integration of IoT in buildings has sparked an exciting shift across the sector, ranging from hospitals and data centers to commercial real estate. But IoT devices hardly have any inbuilt security, which opens the floodgates for cyberattacks and makes them a perfect target for hackers. As more IoT devices are deployed in buildings and connectivity increases between previously isolated operational technology, building management systems (BMS) and their IT counterparts, these systems become the perfect targets for threat actors looking to disrupt operations. To take advantage of the new possibilities that IoT offers, building operators should find ways to safeguard both its access to the company’s IT systems and its mission-critical infrastructure.

As part of their cybersecurity protection mechanisms, there are three reasons why organizations should deploy IoT technology as part of their cybersecurity safeguards:

> Faster response to potential cyber-threats: IoT technology must be paired with compatible cybersecurity solutions for buildings in order for organizations to have visibility and quickly evaluate the threats and vulnerabilities across building management systems.

> The blurry lines between IT and OT boundaries: Increasingly, digital transformation is blurring the lines between information technology (IT) and operational technology (OT), so organizations must prepare by executing cybersecurity strategies that include considerations for both digital systems.

> Cyber threats are becoming more complicated over time: Potential threats and cyber-attacks on smart buildings have become more complicated due to automated AI and robots, which is why organizations should take advantage of artificial intelligence and advanced technology in their defense against hackers.

With direct attention to the above safeguards when developing a cybersecurity strategy, organizations will be better prepared to prevent hackers from infiltrating IoT devices and protect their building’s privacy.

Incident Response Plan: Containment, Eradication, Backup and Recovery

We cannot forget about the process of containment, eradication, backup, and recovery; we must collectively consider an incident response plan (IRP). Containment involves taking the steps needed to prevent an intrusion from spreading further throughout the system. The intent is to isolate the compromised assets for further analysis and to develop an eradication strategy. How containment and eradication are implemented will depend on the type of attack and vector. Eradication is a process of careful study and action to ensure that the full extent of the breach is known and that the appropriate steps are taken to eliminate all traces throughout the systems.

With the threat contained and then eradicated, the process to recover takes effect. This part of the IRP includes restoring systems from a clean backup, rebuilding a system from scratch, replacing individual files that have been compromised, installing patches, changing passwords, and so on. Throughout that process, any newly discovered vulnerabilities would also be addressed to minimize the opportunity of a similar compromise in the future.

Overall, a comprehensive cybersecurity strategy and clearly executed policies are foundational to a security posture that considers the always-evolving cybersecurity risks that buildings face now and into the future. Demand for IoT technology and advances in smart buildings will continue to evolve, and so must our attention and dedication to cybersecurity best practices for all building operators, to reduce incidents that can significantly impact operations, costs, revenue, reputation, and potentially the health and safety of building occupants.

Annick Villeneuve is VP of Digital Enterprise Solutions, Digital Energy Division at Schneider Electric.
