As we drive towards digital transformation, data and information security has emerged as a growing issue for intelligent facility control systems that use microprocessors, IP, and web interfaces.
System control data and information security is one of the keys to successful facility operation and management. The access, process, transmission and storage of critical facility control system data and information must be protected.
Companies seek ways to strengthen cybersecurity measures to protect their critical data from theft and attacks, and WSP is offering solutions that help them lock down often overlooked facility-related control systems (FRCS) vulnerabilities that exist outside the traditional enterprise information systems and networks.
WSP works with facility managers and control system engineers to provide cybersecurity planning and design services for facility related control systems (FRCS) – the technology systems used to monitor and control electrical, mechanical, lighting control, fire life safety, electronic security systems and other facility control systems within a building or a campus.
“The facility technology cybersecurity services provided by WSP focuses on electronic security systems, building utility management and control systems, and fire and life safety systems,” said Jaco Cronje, solution architect for Building Technology Systems at WSP. “This differs from traditional IT or enterprise cybersecurity, which handles internal computer systems, such as firewalls, email blocking, password management, people directories, operating system updates and malware protection.”
Cyber attackers have successfully accessed classified company data using HVAC systems, electronic security system, and in one case, a cloud-connected fish tank sensor as entry points into the network.
A security breach in an insufficiently protected facility could cause an elevator to shut down between floors, override lighting and air conditioning unit controls, falsify security camera footage, steal personal data, lock or unlock access-controlled doors, or completely shut down a building’s electrical supply.
“Cybercriminals actively scan and explore to find the weakest point to hack into a corporation,” Cronje said. “A sophisticated cyber attack on a facility’s vulnerable control systems could allow unauthorized entry into the enterprise network, or cause a multitude of major disruptions that would impact productivity or create panic that could lead to injury, data theft or extortion.”