Marc Petock Chief Marketing & Communications Officer Lynxspring, Inc.
Contributing Editor, Automatedbuildings.com
Since 2004, October has been designated as Cybersecurity Awareness Month. While we should be thinking about cybersecurity every day, this month is a stark reminder that we need to continually protect ourselves and our assets. According to the World Economic Forum, cyber incidents rank alongside natural disasters and climate change as one of humanity’s top ten risks globally.
Cyber threats are an unfortunate reality within the built environment. Nowhere is it more important than right now to ensure for their cybersecurity posture. Buildings and the systems that operate and manage them are cyber targets and part of the threat landscape. Improving cybersecurity control and programs should be a priority for every organization because a successful system intrusion can lead to several issues that directly affect the organization, its business, and its occupants.
Did you know:
– Hackers have been penetrating control systems since 2006
– The average cost of a breach in the U.S. now stands at $9.4 million
– On average, companies require 277 days to identify and contain data breaches
– ICS-Cert advisories have increased by more than 34%
– Gartner recently commented that” threat actors will have “weaponized” operational technology environments to cause human casualties by 2025”
The Cybersecurity & Infrastructure Security Agency (CISA) recently published an alert entitled Control System Defense: Know the Opponent that provides a good overview of cybersecurity for operational technology/industrial control system (OT/ICS) assets. https://www.cisa.gov/uscert/ncas/alerts/aa22-265a
The operational, financial, and reputational impact of cybersecurity is tremendous. We have moved from awareness to justification. Cybersecurity has become key to how owners/operators select solution partners. Cybersecurity has been and always will be a shared responsibility whether you are a solution provider, system integrator/contractor, distributor, service provider, MEP, or building owner/operator.
Cybersecurity unawareness is not an option.