Page 41 - RC2020-EDGEMagazine_SummerEdition
P. 41
Business Solutions
AFTER THE BREACH: HOW CAN MY BUILDING
RECOVER FROM A CYBERATTACK?
KEVIN SMITH
CTO
Tridium
DURING THIS CURRENT PANDEMIC, we are living
in a reality where remote connectivity is a necessity,
and security of our communications, as well as all the
systems we interact with and manage, is of utmost
importance. Certainly, cybersecurity is a top concern for
every industry, but this is especially true in the connected
building industry, where not only information and data
may be stolen, but where physical devices in buildings
can be potentially attacked and controlled by adversaries.
Luckily, for most of us, these nightmare scenarios have Figure 1: The Five Functions of the NIST Cybersecurity
remained something we read about in the news, as we Framework
do our best to prepare for the worst.
guidance for maintaining security and managing security
And then one day it happens to you—the cyber attack you risk for critical infrastructure.
were warned about. You’ve attended trade shows where
they warned of dangerous vulnerabilities. You’ve read The Recover function is a key element of the NIST
articles about how to prevent attacks, and you’ve put Cybersecurity Framework that should help building
safeguards in place. But inevitably, one day you discover owners understand the necessity of applying the other
that your organization has been hacked and your Building four functions. To put this into perspective, here is a
Automation System (BAS) has been affected. Regardless scenario that building owners and facility managers can
of perpetrator and motive, the first order of business is a appreciate.
fast recovery. What do you do now?
In the middle of a hot summer day, you are notified
Hopefully, none of you are in that situation as you that your building has gone haywire—all the rooms are
are reading this. There are white papers and product unbearably hot and tenants are complaining. Additionally,
1
hardening guides that provide guidance on cybersecurity the building security system is no longer working,
best practices and cybersecurity strategies that you can and tenant access badges are not working, leaving
use to help prevent and thwart cyber attacks—but what tenants locked out of key areas of the building. Finally,
should you do if it happens? specialized cooling for the on-site data center has been
turned off, shutting down critical cloud services hosted
Luckily, the National Institute of Standards and by one of your business tenants. After a quick investi-
Technology (NIST) Cybersecurity Framework has you gation, it’s determined that the network and BAS have
covered. For those not familiar, it is a standard which been infected with ransomware, and normal building
offers a flexible and customizable security approach operations have ceased and must be recovered quickly.
for any organization, and it lends itself well to the BAS Your phone is ringing off the hook, tenants are outraged,
business area. Focused on five key functions (Identify, and a local news reporter wants answers. How do you
Protect, Detect, Respond, and Recover), it provides respond?
39
