The InsideIQ Building Automation Alliance, an international alliance of independent building automation contractors, is addressing the issue of cybersecurity to enable member firms to better protect themselves and their customers from cyber attacks. A newly formed Cybersecurity Committee will provide education and support to promote best practices in cybersecurity, especially to safeguard building automation systems (BAS).
Cybersecurity experts have identified that one of the most vulnerable and least thought about entries to an organization’s IT networks is through the BAS, which is used to control the lights, heating and cooling, access controls and even elevators. Previously not considered vulnerable, these systems have typically had only minimal security in place. As a result, a BAS can be used by unauthorized people to gain access to an IT network. As an alliance of leading building automation and security companies, InsideIQ is taking the initiative to ensure its members have the deepest expertise at their disposal to keep their customer’s facilities protected.
“Sharing knowledge between firms is important objective of InsideIQ, so creating a cybersecurity committee was a logical decision,” says Frank Rotello, president of the InsideIQ Building Automation Alliance. “Cybersecurity, or the lack of it, will affect each member company in one way or the other and it’s important that we evaluate our practices and technologies so we know how to keep our customer’s systems secure.”
Objectives of the Inside IQ Cybersecurity Committee include the following:
Hold cybersecurity education webinars for InsideIQ members
Host online wikis for customer and member cybersecurity education
Build relationships with national and international cybersecurity experts
Work with industry professionals to evaluate products in terms of cybersecurity
Create a product evaluation process as it relates to cybersecurity
Create a first responder list of companies that can assist in the event of a breach
Alert members to IT threats specific to control systems
Launch a Cybersecurity section on the Inside IQ web board
“Almost every week there is a report of a breach and hackers do use control systems as a bridge into corporate networks because historically the BAS lacked security,” adds Fred Gordy, chair of the InsideIQ Cybersecurity Committee and technology evangelist for McKenney’s Inc, an InsideIQ member firm based in Atlanta. “Inside IQ is taking a stand as a group to educate its members, assist members in the event of a breach with a solid list of first responders, work with cybersecurity experts to evaluate products and practices, and support each other over all. This will enable InsideIQ firms to offer their customers best practices in cybersecurity to keep systems and networks safe.”