Best Practices: Enhancing Your Smart Building Cyber Security Programme

Access this research

A Smart Buildings subscription is needed to access this content.

Please choose an option below

Executive Summary

On top of much-discussed IT cyber security risks, firms face growing cyber threats across their operational technology (OT), because of the explosion of networked devices, the convergence of IT and OT networks, and aging building systems. Despite this, the cyber security of building systems is frequently undermanaged, as firms lack clarity on where the responsibility for OT cyber security lies and are unaware of the full extent of risks they face. Drawing on our interviews with experts from the cyber security, IT and building technology sectors, this report sets out best practices for enhancing the cyber security management of building systems. The research finds that the first step for rebooting a smart building cyber security strategy is defining clear responsibilities and embedding cyber management into facilities operations across procurement, technology management and staff training.

Table of contents

Firms Must Reboot Their Smart Building Cyber Security Strategies In The Face Of Growing Risks 
Firms Face Growing Cyber Threats Across Their Building Technology
The Explosion Of The IoT Across Buildings Is Making Cyber Security More Complex
OT Cyber Security Management Often Falls Through The Cracks Due To Unclear Responsibilities

Firms Should Take A Risk-Based Approach To Cyber Security Management 
Facilities, IT And Security Teams Must Unite Against The Cyber Security Threat   
Facilities Leaders Must Embed Cyber Security Into Operations
Business Leaders Must Transition To Proactive Cyber Security Management

Table of figures

Figure 1. Smart Building Systems Face Cyber Threats Across Four Key Frontiers  
Figure 2. Initial Infection Vectors Used In Cyber Attacks On OT, January 2020-June 2021  
Figure 3. Recent OT System Cyber Attack Tactics And Techniques  
Figure 4. Factors Slowing Down A Firm’s Response To A Cyber Attack  
Figure 5. Five Strategies For Managing OT Cyber Security  
Figure 6. Key Steps To Enhance Your Smart Building Cyber Security Programme  

About the authors

Susan Clarke

Research Director

Susan leads the Verdantix Smart Buildings practice. Her current research agenda focuses on software solutions for real estate management including integrated workplace management systems and IoT platforms for buildings. Her research expertise also includes a broad range of energy management technologies and energy services. Susan has eight years of experience in technology research. She holds a MSc from the University of London in Sustainable Development.

Rodolphe d’Arjuzon

Global Head of Research and Finance Director

Rodolphe co-founded Verdantix in 2008 and directs the firm’s research strategy across all practice areas. He also leads the Environment, Health & Safety practice on an interim basis. Rodolphe has over twenty years of experience in technology research and strategy consulting. He previously worked for Barclays Bank and L.E.K. Consulting. Rodolphe holds a PhD in Physics from Cambridge University.

Related Reports

Not a Verdantix client yet?

Register with Verdantix for authoritative data, analysis and advice to allow your business to succeed.