Use of connected devices creating an “underrecognized” security risk

Businesses face a growing but underrecognized threat from cyberattacks using connected devices, and facility managers need to work with IT professionals to address the problem, the research warned.

New Data from the Research and Consulting Company Verdantix highlighted how a surge in the number of connected devices in building systems means that the operational technology (OT) used to operate facilities creates a growing risk of cyberattack.

Connected OT networks are converging with their IT counterparts, blurring traditional cybersecurity lines of responsibility, just as aging building systems need to be replaced and the number of attacks increases.

Without sufficient security controls, Verdantix warns, these systems introduce significant new risks and more entry points for cybercriminals to exploit.

The last five years have seen a substantial increase in Internet of Things (IoT) sensors and smart devices being deployed, with companies frequently selecting these smart devices based on cost and functionality, resulting in installations with many devices with poorly integrated cybersecurity controls.

Cyberattacks targeting IT systems cost businesses an estimated $945 billion in 2020 in data and system damage, lost productivity, and theft of money, intellectual property, and personal data, despite $145 billion in cybersecurity spending.

Verdantix Best Practices: Improving Your Smart Building’s Cybersecurity Program revealed that companies are unaware of the extent of their exposure to OT risk, as they often do not maintain logs of connected devices or the level of cybersecurity protection provided.

Compiled after interviews with experts from the cybersecurity, IT and building technology industries, the report shows how businesses can adapt. Its release comes as more and more IoT-connected devices are transforming the landscape, but only 32% of companies assess IoT security risks as part of the third-party onboarding process and only 54% run penetration tests on their IoT devices.


Rodolphe D’Arjuzon, Global Head of Research at Verdantix, said, “The first step to reinvigorating a smart building cybersecurity strategy is to define clear responsibilities and embed cyber management into facility operations through procurement, technology management and staff training.

“Facilities managers should not develop a siled cyber program themselves, but rather partner with their IT and security counterparts to integrate cybersecurity into different building management processes. »

According to the last Safety Report 2022 starting in February, this year will mark a turning point in the adoption of IoT security.

The data suggests that the industry is committed to closing the historic gap between the rate of digital transformation and the speed of securing the IoT ecosystem.

Researchers surveyed 1,038 technology decision makers across Europe, the US and APAC, and found a positive shift for IoT security within organizations and a change in attitude, with companies doing concerted efforts to make the IoT more secure.

Get the latest DIGIT news straight to your inbox

Our newsletter covers the latest technology and IT news from Scotland and beyond, as well as in-depth articles and exclusive interviews with personalities and rising stars.

Click here to subscribe.

Comments are closed.