Presentation is loading. Please wait.

Presentation is loading. Please wait.

Intelligent Buildings and Cybersecurity

Published byJasmine Wilkinson Modified over 6 years ago

Similar presentations

Presentation on theme: "Intelligent Buildings and Cybersecurity"— Presentation transcript:

1 Intelligent Buildings and Cybersecurity
Rawlson O’Neil King CABA Communications Director IoT Emerge Chicago, IL

2 About CABA The Continental Automated Buildings Association (CABA) is a leading international, not-for-profit, industry organization that promotes advanced technologies in homes and buildings. Vision CABA advances the connected home and intelligent buildings sectors. Mission CABA enables organizations and individuals to make informed decisions about the integration of technology, ecosystems and connected lifestyles in homes and buildings. CABA Intelligent Buildings and Cybersecurity 2016

3 Benefits Competitive intelligence Collaborative research opportunities
Efficient access to information Promotion of products and services World's largest research library Industry events and workshops Updated news and data Active industry councils Networking opportunities Marketing support Influence industry trends Cost savings in research and travel CABA Intelligent Buildings and Cybersecurity 2016

4 Research Program The CABA Research Program offers a range of opt-in technical and advisory research services designed to provide industry stakeholders with collaborative market research and R&D opportunities. Offers collaborative Landmark Research Projects and Boutique Multi-Client Research Projects CABA Intelligent Buildings and Cybersecurity 2016

5 Landmark Research Intelligent Buildings & Cybersecurity Landmark Research Report Evaluation of the state of cybersecurity in intelligent buildings Stakeholder analyses via in-depth interviews and directed surveys Value proposition evaluation for cybersecurity solutions An assessment of the future market direction and specific recommendations. CABA Intelligent Buildings and Cybersecurity 2016

6 Research Vendor CABA Intelligent Buildings and Cybersecurity 2016

7 Intelligent Building and Cybersecurity Study Funders
CABA Intelligent Buildings and Cybersecurity 2016

8 Snapshot of an Intelligent Building
CABA Intelligent Buildings and Cybersecurity 2016

9 Evaluation of Cybersecurity in Buildings
CABA Intelligent Buildings and Cybersecurity 2016

10 Intelligent Building Macro Environment
Source: Institute of Engineering Technology and Compass Intelligence Analysis. CABA Intelligent Buildings and Cybersecurity 2016

11 Standalone vs. Converged Building Systems
Source: CABA Intelligent Buildings and Cybersecurity 2016

12 IT/Horizontal Convergence
Source: CABA’s 2015 Intelligent Buildings and Big Data, International Association of Fire and Rescue Services, and BSRIA CABA Intelligent Buildings and Cybersecurity 2016

13 Selected Access Points for Cyber-Attacks – Where is the Risk?
Source: Compass Intelligence. CABA Intelligent Buildings and Cybersecurity 2016

14 Protection Requirements
Source: Compass Intelligence. CABA Intelligent Buildings and Cybersecurity 2016

15 Cybersecurity Threats
Source: GAO analysis of unclassified government and nongovernment data. GAO-15-6,; Symantec. CABA Intelligent Buildings and Cybersecurity 2016

16 Cybersecurity Threats (continued)
Source: GAO analysis of unclassified government and nongovernment data. GAO-15-6 CABA Intelligent Buildings and Cybersecurity 2016

17 Cybersecurity Threats (continued)
Source: GAO analysis of unclassified government and nongovernment data. GAO-15-6,; Symantec. CABA Intelligent Buildings and Cybersecurity 2016

18 Profile of Cyber Attackers and Types of Attacks Carried Out (2015), North America
Source: 2015 Verizon Data Breach Investigation Report CABA Intelligent Buildings and Cybersecurity 2016

19 NIST Framework Framework Core which includes a set of cybersecurity activities that are deemed common across various infrastructure sectors: Identify - Develop an organizational understanding to manage cybersecurity risk to systems, assets, data and capabilities. Protect - Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services. Detect - Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event. Respond - Develop and implement the appropriate activities to take action regarding a detected cybersecurity event. Recover - Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event.” Source: National Institute of Standards and Technology, NIST CABA Intelligent Buildings and Cybersecurity 2016

20 Survey Details The survey was conducted in August 2015.
The survey involved 939 people who started the survey, 543 of these qualified for the survey and a total of 502 completed it in it’s entirety. The survey ran for one week. Qualified respondents were involved in company’s IT or facility management and currently have or plan to purchase cybersecurity solutions. CABA Intelligent Buildings and Cybersecurity 2016

21 Survey Respondent Profile
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

22 Survey Respondents by Size of Business
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

23 Change in Severity of Building/Facility Security Incidents Over Last 12 Months
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

24 Importance of Cybersecurity
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

25 Truths of Those in the Market
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

26 Building Elements Perceived to be at High Risk
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

27 Top Areas of Concern for Securing and Protecting Buildings/Offices
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

28 Availability of Resources and Skills to Tackle Cybersecurity
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

29 Readiness Level by Group
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

30 What is Being Done to Reduce Risk?
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

31 Perceived Sources of Cyber Threat
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

32 Most Spend between 5-20% of IT Budget on Cybersecurity
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

33 Changes in Security Budget from 2014 to 2015, Survey Results
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

34 Percentage Increase in Cybersecurity Budget
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

35 Global Cybersecurity Revenues Market, 2015-2022 (In Billions)
Source: Compass Intelligence, 2015 CABA Intelligent Buildings and Cybersecurity 2016

36 Willingness to Pay for Cybersecurity
Source: Compass Intelligence ‘s Intelligent Building and Cybersecurity, Landmark Research 2015. CABA Intelligent Buildings and Cybersecurity 2016

37 Key Recommendations & Final Thoughts
Building owners and operators Understand both intra and inter-system integration (IT and OT systems), including understanding the differences among industries and building types. Understand and identify the preparedness level that is needed to protect against the risk of BMS/BAS-related cybersecurity. Strong collaboration and coordination is required among all building stakeholders, including building control systems’ vendors and cybersecurity vendors. Stringent policies and procedures to guard both IT and OT against cybersecurity threats must be implemented. Cybersecurity is not just a technology issue; it is also a “people” issue. A comprehensive cybersecurity plan is critical and must include all threats, including employees, tenants, and even ex- employees. Education of building owners and facility managers about cybersecurity issues. IP and cloud-enabled buildings - Need to protect and secure both the IT and OT networks Security starts with the building systems companies and products, and it ends with the customer. Again, focus on securing endpoints, connectivity, applications/data, and implementing threat management solutions. CABA Intelligent Buildings and Cybersecurity 2016

38 Key Recommendations: Building Owners, Administrators, Managers
Work closely and cooperatively with IT managers Perform full assessments of all systems, software, and equipment, focus on IP-enabled, VPN connected, and other vulnerabilities Get educated around building system vulnerabilities Be aware of financial loss, risk, and insurance requirements of cyber-attacks Understand standards Work with BMA/BAS vendors and IT vendors collaboratively CABA Intelligent Buildings and Cybersecurity 2016

39 Key Recommendations: IT Managers
Understand what systems are connected to the IT network and OT network, including building systems IP-enabled may be a point of attack Have well-defined, well-enforced protocol for adding building systems equipment and devices to the network Performing assessments and audits, have structured security plan in place Understand emerging intelligent building trends Understand standards Evaluate the risks involved by not separating the IT and OT network CABA Intelligent Buildings and Cybersecurity 2016

40 Key Recommendations: Intelligent Building Products & Services Vendors (BMS/BAS)
Embedded security is becoming more imperative in today’s product development of IoT Understand end users, market trends, and related technologies and solutions Education and cybersecurity expertise should also start with you Stay ahead and know complexities and security risks of your products Understand emerging intelligent building trends Understand standards CABA Intelligent Buildings and Cybersecurity 2016

41 Reducing Risk & Next Steps to Prepare
Securing and hardening wireless and IP networks Stricter authentication and access management Further security protocols to restrict access Security software and ongoing updates and maintenance Separation of the IT and OT networks Other planned measures to harden the building system’s infrastructure and networks CABA Intelligent Buildings and Cybersecurity 2016

42 Key Pillars to Success for Intelligent Building and Cybersecurity Market (2015), North America
CABA Intelligent Buildings and Cybersecurity 2016

43 Action Items to implement today!
Policy Steps VPN connections Unidirectional gateways Standards based security hardware and software Complex and routinely changing passwords Independent 3rd party audits Data encryption to ensure privacy and protection against data thefts Network monitoring and analysis tools that focus on network connections and traffic specifically related to OT NIST Framework and recommended whitelisting techniques that only provide access to approved/authorized parties CABA Intelligent Buildings and Cybersecurity 2016

44 More Information Cyber security for intelligent buildings
Engineering & Technology Reference, 2016, 6 pages Rawlson O'Neil King April 2016 CABA Intelligent Buildings and Cybersecurity 2016

45 Continental Automated Buildings Association (CABA) 613. 686
Continental Automated Buildings Association (CABA) Toll free: CABA (2222) Fax:

Download ppt "Intelligent Buildings and Cybersecurity"

Similar presentations

NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.

NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Security Controls – What Works

Security Controls – What Works
PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.

PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.
NIST framework vs TENACE Protect Function (Sestriere, 21-23 Gennaio 2015)

NIST framework vs TENACE Protect Function (Sestriere, Gennaio 2015)
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
Dell Connected Security Solutions Simplify & unify.

Dell Connected Security Solutions Simplify & unify.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
April 14, 2003- A Watershed Date in HIPAA Privacy Compliance: Where Should You Be in HIPAA Security Compliance and How to Get There… John Parmigiani National.

April 14, A Watershed Date in HIPAA Privacy Compliance: Where Should You Be in HIPAA Security Compliance and How to Get There… John Parmigiani National.
℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.

℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.
The IT Vendor: HIPAA Security Savior for Smaller Health Plans?

The IT Vendor: HIPAA Security Savior for Smaller Health Plans?
©2015 Continental Automated Buildings Association (CABA). Notice: No material in this publication may be reproduced, stored in a retrieval system, or transmitted.

©2015 Continental Automated Buildings Association (CABA). Notice: No material in this publication may be reproduced, stored in a retrieval system, or transmitted.
INTELLIGENT BUILDINGS AND CYBERSECURITY

INTELLIGENT BUILDINGS AND CYBERSECURITY
CABA’s CONNECTED CONSUMER ROADMAP

CABA’s CONNECTED CONSUMER ROADMAP
Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.

Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.
Frankfurt 14. - 18.03.2016 Intelligent Buildings and Big Data Greg Walker, Research Director CABA (Continental Automated Buildings.

Frankfurt Intelligent Buildings and Big Data Greg Walker, Research Director CABA (Continental Automated Buildings.
Cyber Security Phillip Davies Head of Content, Cyber and Investigations.

Cyber Security Phillip Davies Head of Content, Cyber and Investigations.
Smart Buildings Middle East

Smart Buildings Middle East
Security and resilience for Smart Hospitals Key findings

Security and resilience for Smart Hospitals Key findings

Similar presentations

Ads by Google