Millions of companies across Britain have been warned to prepare for Russian cyber-attacks as the UK placed sanctions on three wealthy allies of Vladimir Putin and five banks in response to the 'renewed invasion' of Ukraine.
GCHQ's National Cyber Security Centre (NCSC) urged UK organisations to 'bolster their online defences' and warned that there has been an 'historical pattern of cyber-attacks on the Ukraine with international consequences'.
Cyber security is now a big concern within the FM industry. The systems used to automate and maintain building controls can be used to monitor service requirements and deliver building managers and FM professionals vital data on a variety of areas, including health and safety compliance, space usage and lift maintenance. To that end, today’s smart buildings are equipped with a range of IoT devices which automate many of the facilities management processes, including lighting, HVAC, and security controls.
Connected technology enables FM professionals to deliver higher levels of efficiency, and gives occupiers more control of their surroundings via mobile apps. However, as FM embraces internet-enabled Building Automation Systems (BAS), it becomes more susceptible to possible cyber-threats, because savvy hackers can exploit these systems to gain access to an organisation’s data.
The consequences of ignoring the threat of cyber-breaches are far reaching and could include:
Physical damage to equipment or infrastructure
Theft of high value property or data
Loss of revenue
Bodily injury or death
HVAC shutdown/manipulation
Door locks being disabled
Disabling of physical intrusion detection systems
Loss of building lighting
Data centre thermal overloads
Loss of customer confidence/contracts
Higher insurance premiums
A lot of people believe that they won’t encounter a digital breach, but in fact, recent years have seen an increase in reported cybercrime among organisations in developed countries. As a result, a lack of cybersecurity preparedness is only going to leave your systems vulnerable to skilled hackers.
Take the time to train employees on protecting sensitive information. Employees should not leave loose papers in printers, fax machines, or conference rooms. Documents containing sales reports, customer details, and personal information should be treated as confidential. All doors and file cabinets should be locked at the end of the day to avoid theft and info leaks.
Implementing a culture that encourages and perhaps even rewards whistleblowing can be crucial to ensuring your employees follow these security guidelines.
Passwords should be changed regularly and committed to memory, not written down on paper. Computers users should log off of their accounts of at the end of the day. Each system should have the latest anti-virus software, and wireless networks should be well-protected. To keep documents secure among a mobile workforce, files should be stored using cloud-based software. (And while employees should know better than to discuss company information on social media networks, take the time to create a social media policy outlining what is not appropriate for sharing.)
Having simple user IDs and passwords creates a weak link that hackers can exploit. It’s important to create a policy for both password and ID creation. Depending on the software you’re using, you might be able to embed password creation protocols into the system.
Having some knowledge of server software and Group Policy can help immensely here as it will be possible to create or amend company security processes and policies.
Sometimes it can seem unclear whether a security issue should fall under facilities or IT. This is all the more reason to establish a culture of mutual accountability. If one department thinks that the other will take care of the matter, then neither may end up attending to it at all.
As a facility manager you have a lot on your plate, but by taking security precautions now, you can avoid a slip up in the future. Maintaining your cybersecurity might take a little extra time, but it’s time well spent.
Cyber threats are now in the spotlight more than ever – they pose a serious threat to facility managers who take on the responsibility of protecting their buildings and the data within. The future is not certain, but what is clear is that the FM sector will need employees with a high level of technical competence.
Moorcroft have worked with some of the biggest companies in the FM sector. We don’t just want to work with you, we want to understand your culture, your ambition and what kind of people fit your company. How do we do this? Well, we talk to real people and build real relationships. Technology is vital to all our work. However, it is no substitute for picking up the phone. This is what we do and our skill lies in identifying the right people – we pride ourselves on it! We have a proven track record and we strive to work with the best people for each project.
If you have a recruitment requirement, please contact Simon Moorcroft in the first instance.
Email: simon@moorcroftconsulting.com
Website: www.moorcroftconsulting.com
Twitter: @MoorcroftRec
