SecurityWorldMarket

18/05/2017

Smart building cyber security to reach $8.65Bn by 2021

Stockholm, Sweden

The rise of the Internet of Things in Buildings (BIoT) offers up tangible business benefits and many new opportunities for innovation, but these need to be carefully weighed up against the potential risks of increased cyber security vulnerability. The latest report published by Memoori finds that if threats are not properly managed by stakeholders across the supply chain, we run the risk of undermining consumer confidence in the market.

“Cyber security is widely perceived as one of the most prominent threats facing society today,” begins this latest report Cyber Security in Smart Commercial Buildings 2017 to 2021 from Memoori. However, this is not necessarily because attackers are infiltrating society’s most important systems but because seemingly inconsequential elements can act as an entry point for a whole network of vital assets.

Attackers seeking entry into corporate networks will often seek out the path of least resistance. The interconnected nature of the Internet of Things in Buildings (BIoT) means that cyber attacks can pose risk far beyond the initial point of entry. Potentially causing cumulative damages that could potentially permeate into new layers of the enterprise, building and facility portfolio, users, operators, and service providers.

The increased proliferation of smart devices, combined with persistent concerns over cyber risk and data privacy and an increased incidence of cyber attacks against smart buildings will drive a significant increase in demand for new cyber security hardware, software and services in the market.

Memoori estimates that global revenues for smart building cyber security will reach $8.65 billion by 2021, up from an estimated $4.26 billion in 2016, which represents a healthy CAGR of over 15% during the forecast period.

According to Fred Gordy, director of Cyber security at Intelligent Buildings LLC, as much as 80% of the time, an attacker’s aim is to infiltrate the network via a BAS, and to get past those controls to accomplish a larger goal or seek a more specific target. As we dive deeper into the internet of things (IoT) it is not just BAS that creates vulnerabilities.

Organisations that have adopted a centralized approach to building management, through a building management system (BMS) hosted in the cloud could provide the vector for an attack. Network routers, gateways, cloud and Web servers all have the potential to provide potential entry points to a network. The vast number of network connections and servers managed by data centres mean those facilities are highly targeted and any breach could be catastrophic.

Even so called “Bring Your Own Device” (BYOD) policies, increasingly seen in all manner of buildings, can create security vulnerabilities. Security protocols adopted by the average user, on their own personal devices, may not conform to the criteria required to protect a network, potentially making a single mobile phone the weak leak that brings down an organisation.

"It is clear that a more holistic approach to cyber security is required in smart commercial buildings. In order to determine potential system vulnerabilities in a modern networked Smart Building, one must also carry out an assessment of the systems, devices and networks that are connected to building automation and control systems,” states the report.

For smart buildings, a robust building cyber security plan is critical. Armed with knowledge from security audits and security risk assessments, organisations can make more informed risk management decisions and proactively identify the steps required to reduce threats. Even after a plan has been developed, an effective defense involves an ongoing iterative process, which must be continuously reviewed against the constantly changing threat environment.


Tags

Product News

Dahua Technology launches ePoE IP system

Dahua Technology Co., Ltd. is launching a system of extended Power over Ethernet (ePoE) devices including cameras, network switches and network recorders. Dahua ePoE IP system supports up to 800 metres between the ePoE camera and the ePoE network switch or ePoE NVR with an embedded switch. It overcomes the limitations of traditional Ethernet and POE (both restrict cable distances to around 100 metres (328 feet) between network ports) and eliminates the need for Ethernet extension devices or additional network switches.

Business News

Schema for Dahua facial recognition technology

The future is here - when surveillance meets AI

What will the world be like when surveillance meets AI (Analytics Intelligence)?

According to an IHS report from September 2016, security camera shipments continue to grow at 14.1% CAGR and are predicted to reach 190 million units in 2020, despite revenue growth having slowed to 8.1% CAGR. There are just too many cameras and video footage to be digested by human operators. Most security video footage is erased or over-written without being watched. Video Analytics (VA) Technology was once perceived as a solution to automate the utilisation of abundant video footage resources. By means of identifying and tagging the appearance of certain patterns in a video, the VA or AI system could perform search and run statistics on it.

Product Suppliers
Back to top