Groundbreaking report includes guidance to aid decision makers and help protect buildings against an array of threats and risks
Alexandria, VA (August 7, 2018)—The ASIS Foundation, in partnership with BOMA International (BOMA) and the Security Industry Association (SIA), today released groundbreaking first-of-its-kind guidance for practitioners in the security and building management fields. Intelligent Building Management Systems: Guidance for Protecting Organizations provides a framework to help decision-makers assign a risk-based criticality or impact to their building and asks relevant security questions to develop appropriate mitigation strategies. It also serves to establish a common language between the many intelligent building stakeholders.
The guidance is based on original research, Building Automation & Control Systems: An Investigation into Vulnerabilities, Current Practice and Security Management Best Practice, by David J. Brooks, Michael Coole, and Paul Haskell-Dowland of Edith Cowan University in Perth, Australia. The research provides an exhaustive overview of identified intelligent building critical vulnerabilities and mitigation strategies.
“The ASIS Foundation is delighted to work with our partners BOMA and SIA to support such critical research in a rapidly developing but insufficiently understood field,” says Sandra Cowie, CPP, director, Global Security and Business Continuity, Principal, and 2018 ASIS Foundation President. “Building automation invokes cutting-edge issues and technology such as the Internet of Things and advanced video analytics, as well as traditional concerns such as physical access control and proper procedures. The integrated whole undoubtedly poses challenges that are still emerging. This research is indispensable to helping our members get a handle on both the challenges and the opportunities of this fast-growing market.”
According to the report, the intelligent building market is growing 31% per year and is expected to exceed $59B by 2023. These systems are increasingly embedded into the contemporary built environment due to the demand for reduced operating costs, government regulation, and greater monitoring, control and operability. However, this growth comes with a substantial set of security vulnerabilities that many security and facility professionals have not accounted for. Importantly, the research finds a significant disconnect between security and facility professionals’ perceived understanding of intelligent building threats and risks versus actual dangers. In addition, the report revealed that a lack of common terminology and practices can result in misunderstandings and siloed views of associated security risks. The report findings emphasize the need to:
- Take a multidisciplinary proactive management approach to intelligent building vulnerability mitigation, and
- Fuse multidisciplinary participants into an intelligent building security team.
Additional findings include the recognition of intelligent building integrators and cybersecurity experts as partners who can help organizations better understand threats and risks, and more effectively achieve intelligent building security.
Brooks and Coole will discuss the report on Wednesday, Sept. 26 at Global Security Exchange in Las Vegas, as part of their Protecting Against Building Automation Vulnerabilities lecture.
“The research developed by the ASIS Foundation provides insights that should be leveraged by our members and the industry to better understand and identify vulnerabilities within Intelligent Building Systems. An essential outcome from this project is the recommended guidance and checklist that will help security practitioners and security technology solutions providers work together to implement strategies to mitigate against potential risks,” says Don Erickson, chief executive officer, SIA.
For more information or to download infographics and the free report, visit www.asisfoundation.org.
About the ASIS Foundation
The ASIS Foundation, a 501(c)(3) nonprofit organization, elevates the security profession worldwide through research and education. The Foundation awards grants and scholarships to help chapters and individuals, including those transitioning to careers in security management, achieve their professional and academic goals. Governed by a Board of Trustees, the Foundation is supported by generous donations from individuals, allied organizations, ASIS chapters and councils and ASIS International. To learn more, visit www.asisfoundation.org.
About Building Owners and Managers Association (BOMA) International
The Building Owners and Managers Association (BOMA) International is a federation of 88 BOMA U.S. associations and 18 international affiliates. Founded in 1907, BOMA represents the owners and managers of all commercial property types including 10.5 billion square feet of U.S. office space that supports 1.7 million jobs and contributes $234.9 billion to the U.S. GDP. Its mission is to advance a vibrant commercial real estate industry through advocacy, influence and knowledge. Learn more at www.boma.org.
About the Security Industry Association
SIA (www.securityindustry.org) is the leading trade association for global security solution providers, with nearly 900 innovative member companies representing thousands of security leaders and experts who shape the future of the security industry. SIA protects and advances its members’ interests by advocating pro-industry policies and legislation at the federal and state levels, creating open industry standards that enable integration, advancing industry professionalism through education and training, opening global market opportunities and collaborating with other like-minded organizations. As a proud sponsor of ISC Events expos and conferences, SIA ensures its members have access to top-level buyers and influencers, as well as unparalleled learning and network opportunities. SIA also enhances the position of its members in the security marketplace through SIA GovSummit, which brings together private industry with government decision makers, and Securing New Ground, the security industry’s top executive conference for peer-to-peer networking.