Cases of cyber-attacks and corporate espionage are on the rise, with notable high-profile breaches, including a cyber-breach of the UK’s National Health Service (NHS) earlier this year, which froze computers within hospitals throughout the United Kingdom. Our new paper analyses how organisations can better protect themselves against cyber-attacks. Contributor Jesse Klebba, CEO – Urgent Technology.
The Cyber Security Breaches Survey 2017 found that despite just under half (46 per cent) of all UK businesses experiencing at least one cyber-security breach or attack in the previous 12 months, rising to two-thirds among medium-sized firms (66 per cent) and 68 per cent for large firms, a sizable proportion of businesses still did not have basic protection or had not formalised their approaches to cyber-security. Two thirds of businesses do not have specific board members responsible for this area. In addition, only 20 per cent of businesses have had staff attend any form of cyber-security training in the last 12 months, and just a third have a formal policy in place.
Cyber-hacking is no longer the sole concern of the IT department; it is an assault on the entire organisation, from the C-Suite, to human resources (HR) and facilities management (FM). As the lynchpin behind the maintenance of a building’s operational integrity, today’s FM plays an important role in protecting systems against hackers as well as meeting the latest regulatory standards.
This paper explains how these divisions can work together to become the guardians of an organisation’s security and data, covering the following areas: Key areas of vulnerability: A particular area of vulnerability is access by end users to any part of the network. Employee security training should educate staff on what habits could compromise organisational security and enable hackers to exploit the Building Automation Systems (BAS) or networked systems.
The consequences of ignoring the threat of cyber-breaches: Ignoring the threat of cyber-breaches could have far reaching consequences, including physical damage to equipment or infrastructure, theft of high value property, loss of revenue and loss of customer confidence.
The opportunities and challenges of IoT: The growing utilisation of the Internet of Things (IoT) which connects devices throughout a building or even an entire city, brings many operational benefits by helping to automate building services, but also opens up the real risk of organisations being hacked through their Building Management Systems (BMS).
Data protection and the Cloud: It’s important to establish a best practice strategy to secure data in the Cloud, protect data integrity while in transit over the public internet, and securely provision devices. With the introduction of GDPR, organisations are not only tasked with keeping personal data up-to-date, safe and confidential, but they’re also responsible for ensuring there are the correct access protocols in place.
The FM’s role in preventing cyber-attack: To address the cyber-security risks which may affect their organisation, FMs first need to acknowledge that they have a crucial role to play. This is because, due to the evolution of information technology within the workplace, the responsibility for data security has tended to be viewed as the remit of the IT department.
FMs and their organisations face significant challenges in the future in combating the cyber-threats posed by the convergence of physical assets within a building with data. This is why a wide-ranging and proactive approach should be taken to ensure that the FM can reap the undoubted benefits of workplace digitisation, while ensuring that facilities are not open to undue risks. In the future, FM and IT must always remain alert to the latest cyber-threats, and must work together with their software supply chain to help reduce the likelihood of data breaches.”