search.noResults

search.searching

dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
SECURITY CYBER SAFE AND SECURE Lee Herrington, UK Security Product Portfolio Manager for Siemens Building


Technologies, examines the extensive challenge of protecting electronic security systems from cyberattack.


Cybercrime is widespread and costs the UK economy: The Cyber Security Breaches Survey 2017 reveals that nearly seven out of ten large businesses identified a breach or attack, with the average cost to large businesses of all breaches over the period being £20,000, and in some cases reaching millions.


Cyberattacks are impacting companies of all sizes, in all markets. Just under half (46%) of all UK businesses identified at least one cyber security breach or attack in 2016. This rose to two-thirds among medium-size firms (66%) and large firms (68%). We now live and operate in the era of digitalisation, which means increasing interconnectedness and the ensuing requirements for convenience and efficiency. But this also means facing and mitigating the challenges that come with digitalisation, namely increasing cyber risk and unwanted network access.


Our buildings and assets need to be secure for the future and a careful balance of cyber, physical, and organisational security measures is essential in delivering protection from the threats we face today. Securing digital buildings and critical infrastructure means addressing both cyber and physical security concerns, which automatically include the people and processes behind them.


In May 2017 the WannaCry ransomware spread across the globe. It put hospitals in the UK out of commission, shut down gas stations in China, and brought automobile assembly lines all over the world to a halt. Within weeks, NotPetya damaged operations in industries such as pharmaceutical companies and logistics specialists. It demonstrated that in a time of increasing digitalisation, big companies and organisations had moved into the crosshairs of cyber attackers.


The FM industry faces a variety of challenges: physical threats are more obvious, such as intrusions into buildings or sites, but cyber challenges can be multifaceted and can range from insider threat, ransomware attacks, opportunist threat, and hacktivism to terrorist related cyber threat, all of which affect people, technology, and business continuity.


The growing use of IP security solutions and security management software platforms increases the cyber threat, and vital in countering this threat is understanding the space between physical and cyber security challenges and the interactions among technology, people, processes, and communication.


What is meant by hardening Developing and implementing security measures and best practices is known as hardening. This is a continuous process of identifying and understanding security risks,


42 | TOMORROW’S FM


and taking appropriate steps to counter them. The process is dynamic because threats, and the systems they target, are continuously evolving. It is important to remember that physical security is also a vital part of hardening. For example, using physical barriers to servers and client computers, and making sure that items such as camera enclosures, locks, tamper alarms, and access controls are secure.


“When hardening a system, it is


important to balance the impact on business productivity and usability for the sake of security.”


The following are the actionable steps for hardening a Security Management System (SMS):


1. Understand the components to protect. 2. Harden the surveillance system components:


• Harden the servers (physical and virtual) and client computers and devices


• Harden the network • Harden the cameras


3. Document and maintain security settings on each system.


4. Train and invest in people and skills, including your supply chain.


In addition to software, the components of an SMS installation typically include hardware devices, such as cameras, encoders, alarms, sensors, networking products, storage systems, servers and client computers (physical or virtual machines), embedded computers and mobile devices. It is important to include hardware devices in the hardening process.


The threat and the risk There are many sources of threats to an SMS, including business, technology, process and human attacks or failures. Threat takes place over a lifecycle; the threat lifecycle, sometimes called the ‘cyber kill’ or ‘cyber threat chain’, describes the stages of advanced cyber threats.


The threat lifecycle is important for risk assessment because it shows where you can mitigate threats. The goal is to reduce the number of vulnerabilities, and to address them as early as possible; discouraging an attacker who is probing a system for vulnerabilities can eliminate a threat.


twitter.com/TomorrowsFM


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74