Wider adoption of smart building technology should stimulate corporations and governments to ensure that they are adequately prepared for potential cyber risks, a recently published report states.
As smart cities become a reality in the GCC, smart buildings are becoming more prevalent because of the optimised efficiency and convenience they offer for both operators and tenants. Smart buildings operate as a link between the physical and digital world and leverage data to optimise operations and lower facility costs, while increasing safety and sustainability. However, unlike cyber risks in other industries, smart buildings are not just susceptible to data breaches and IT interference, but are also vulnerable to disruptions that could negatively impact several aspects of daily life, it is observed.
The report is titled ‘Cybersmart Buildings’ co-authored by Booz Allen Hamilton and Johnson Controls.
Cyber threat actors have demonstrated capability and intent in hacking building automation systems, safety systems and critical environmental technology. Smart system network designs must be secured, if integrated with IT systems and networks, to make sure internal systems are not exposed to new threat vectors from building automation systems. For example, hackers can exploit vulnerabilities in heating, ventilating and air-conditioning systems as the entry point into a corporate network, or hack into IoT (Internet of Things) devices to breach the privacy of residents, according to a press statement.
“One of Qatar’s most ambitious construction plans for smart cities, Lusail, aims to deliver smart solutions to its stakeholders, in line with the country’s National Vision 2030 strategy. With real estate players looking to reduce costs and meet sustainability and efficiency goals, smart buildings have become increasingly relevant and the wider adoption of such smart technologies across the country is resulting in an increase in the number of sensors and devices talking to one another,” the statement noted.
Therefore, as automated systems control more of the environment, it is no longer enough for a building to be smart – “it must now be cybersmart”. This entails a blended approach of risk-based planning, technology, working with the right partners, assessing old and new infrastructure, processes and capabilities across the building lifecycle, and people skills.
Dr Adham Sleiman, vice-president at Booz Allen Hamilton, said: “It is of paramount importance to protect smart building investments for all stakeholders involved from developers to end-users. To achieve this, cross-functional co-operation between internal and external stakeholders is a must, including IT, cybersecurity and facility teams, external business partners and vendors.”