THE WEAKEST LINK

US retail giant Target found out the hard way that, in protecting yourself from cyber risks, you’re only as strong as your weakest link.

In 2013 the company paid out US$18.5 million after a massive data breach affected 41 million customers. But how did the hackers get in? According to US security investigative reporter Brian Krebs, it was through an IoT-enabled air-conditioning system installed by a contractor.

While most facility managers are undoubtedly focused on ensuring the reliability and integrity of operational assets in any cyber security protocols, there’s no doubt a holistic approach is required.

Craig Wishart, chief information officer at KPMG, says the connected world has to change the way we view our risk profile.

“IT systems have developed mature frameworks and technologies to address cyber threats,” he says. “Interconnected smart buildings must address and respond to the complexity and convergence of applied technology.”

Wishart says this is true of both physical and virtual smart building ‘architectures’. “Active and passive monitoring, patch management and event alarms must be considered across critical building systems.”

Jim Cook of Malwarebytes, a global cyber security and antimalware software provider, agrees