The Institution of Engineering and Technology (IET) has launched a new guide, Code of Practice: Cyber Security in the Built Environment, to help building owners develop more effective cyber security management to protect their building management systems and information from cyber attacks.
With a focus on practical advice, the new guide explains how to protect a building’s systems from hackers and other unavoidable incidents, as well as how to improve their business continuity processes. It also covers personnel security advice, for today’s building management must also consider threats from disgruntled staff or contractors.
The premise for the Code of Practice is that building owners, operators, and occupiers need to understand cyber security and promote awareness to a building’s stakeholders. This includes giving appropriate briefing to the design, construction, and facilities management teams.
Featured Download: Social media access at work. Do your employees know the rules?
Hugh Boyes, IET Cyber Security Lead and author of the Code of Practice, said: “It’s common practice now for all parties involved in building construction and management to operate in line with stringent health and safety practices. Failure to address cyber security risks could have just as dire consequences as neglecting health and safety, such as serious injury or fatality, disruption or damage to building systems, and loss of use of the building. And yet awareness of these issues is markedly lower.
“It’s tempting to think that hackers attacking buildings and their operating systems are the reserve of science fiction movies, but these kinds of attacks are already starting to happen in real life. Hackers have attacked building management systems governing heating, ventilation and air conditioning systems. There is also the example of a cyber-attack on Target, which was initiated using remote access credentials from one of the company’s contractors. In this example, the hacker was able to gain access to the corporate network, resulting in the theft of card details for over 140 million credit cards.
“While hacker attacks of this kind remain relatively rare, building owners and managers can’t afford to be complacent.”
Buildings are becoming increasingly complex and dependent on the extensive use of information and communications technologies. The Code of Practice explains why it is essential that cyber security is considered throughout a building’s lifecycle and the potential financial, reputational, and safety consequences that may arise if cyber security threats are ignored.
It provides clear, user-friendly guidance to help people from a wide range of technical and non-technical backgrounds understand how managing cyber security applies to their job roles. It also outlines their personal responsibilities in maintaining the security of the building.
For more information, visit http://www.theiet.org/resources/standards/index.cfm.
The IET is one of the world’s largest engineering institutions with nearly 160,000 members in 127 countries. It is also the most multidisciplinary – to reflect the increasingly diverse nature of engineering in the 21st century. Energy, transport, manufacturing, information and communications, and the built environment: the IET covers them all.
For over 140 years the IET has been inspiring, informing and influencing the global engineering community, supporting technology innovation to meet the needs of society. With the complexity and diversity of the engineering world the role of the IET is more relevant now than it ever has been.