Innovations in Comfort, Efficiency, and Safety Solutions.
|Towards a Cybersecurity Partnership in
It is our goal that smart building owners and operators avoid the harsh realities of cyberattacks now by taking a proactive approach towards cybersecurity.
Kevin T. Smith,
Chief Technology Officer,
Originally published by Realcomm - Feb Advisory
Over the past few months, there has been some well-needed government and media attention paid to the cybersecurity posture of control systems used in smart buildings and Operational Technology (OT) networks. Cyber-threat watchers note that there continues to be a significant number of these control systems that are configured in an insecure manner and exposed on the Internet. This is something that must change.
ago, organizations had to quickly become savvy about protecting their
Information Technology (IT) networks from remote attackers. As IT
networks grew, so did the cybersecurity threats — viruses, malware, and
phishing attacks proliferated, and they continue to do so.
Organizations that experienced early, highly publicized cyberattacks
and data breaches learned painful and costly lessons. In too many of
those cases, proper focus on cybersecurity awareness and best practices
only happened after such an attack. Luckily, we can learn from those
mistakes and lessons from the past and apply them to OT networks
today. It is our goal that smart building owners and operators
avoid the harsh realities of cyberattacks now by taking a proactive
approach towards cybersecurity.
As many of you know, Tridium’s Niagara Framework is used in OT networks around the world. A universal multi-protocol integration engine that enables applications to connect to, control, and monitor any device, regardless of manufacturer, Niagara enables integrators to build and deploy control solutions and seamlessly aggregate data from a wide variety of systems and equipment. OT experts seeking open-protocol interoperability have converged around the Niagara solutions offered by Tridium’s OEMs and integration service partners in the building automation business. Niagara is now deployed at the controller level, the supervisory level, and at the edge, and Niagara solutions are used in a wide variety of domains.
businesses use Niagara to connect more equipment, devices and people
into workflows that enable data-driven buildings and industrial spaces,
they can reap the benefits of comfort, energy savings and better
business outcomes. At the same time, any network connectivity also
brings challenges related to cybersecurity, and all stakeholders need
to be aware of the fact that the target landscape for cyberattacks
continues to grow and evolve.
Cybersecurity is a journey that we are on with our Niagara Community. Specifically, we are on this journey with systems integrators who configure our products and facility managers and owners who oversee our products. As an integration platform, it is important that our products are securely configured. Niagara products should always be set up in an organization’s network using security best practices and a defense-in-depth approach. Once deployed, Niagara-based systems need to be kept up-to-date with the most recent security updates and patches. Systems also require continuous monitoring to detect unplanned changes in hardware or software configurations or anomalous activity that could be a sign of cyberattack.
we look at the lessons learned over the last few decades in protecting
our computers and networks, practicing cybersecurity hygiene means more
than deploying new technologies. Any serious effort involves the
combination of people, processes and technology. Organizations need to
adopt best practices and cybersecurity processes, they must deploy
defensive technologies and use technology properly to defend against
the threats. This type of change requires a focus on people. Behaviors
related to the use of technology must change, and people in the
organization need to be made aware of the threats and be trained in new
order to help our community defend against cyber threats, Tridium is
offering the following guidance:
is a partnership: we all have a role to play. At Tridium, we see
Cybersecurity as a top priority, and we are dedicated to continuously
improving the security posture of our products and providing guidance
to Niagara systems integrators, business partners, and facility
managers. We want to work together with you in this cybersecurity
partnership, and we will continue to update you as we release new
security features, enhancements, and updates.
About the Author
Kevin T. Smith is the Chief Technology Officer of Tridium. The author of 7 technology books on the subjects of cybersecurity, semantic interoperability, and software engineering, he is a frequent speaker at industry conferences on various topics, including a focus on cybersecurity and building control systems.
Tridium is a world leader in business application frameworks, advancing open data environments and easy interoperability. Our Niagara Framework® universal multi-protocol integration engine has fundamentally changed the way people connect and control devices and systems., Tridium delivers Niagara software and the JACE® controller and server platform through an open distribution business model with open protocol support. With almost one million instances worldwide, Niagara is helping a significant number of businesses, manufacturing enterprises and government entities improve performance and reduce energy, operating and other costs, and be more strategic and competitive. The Niagara Community is a large and active community of innovative developers, integrators, consultants, manufacturers, resellers and end users who use Niagara daily. Tridium is an independent business entity of Honeywell International Inc.
[Click Banner To Learn More]
[Home Page] [The Automator] [About] [Subscribe ] [Contact Us]