According to a report by Honeywell, improving cybersecurity for operational technology (OT) systems ranks as one of the top priorities for surveyed facility managers over the next 12 to 18 months. This is likely because more than 7 in 10 (71%) of surveyed facility managers consider OT cybersecurity a concern or worry. Moreover, respondents cite OT cybersecurity as the building improvement that would provide the most significant benefit to their stakeholders.
This report, Protecting Operational Technology in Facilities from Cyber Threats: Constraints and Realities, the third in Honeywell's 2021 Building Trends series introduces the challenges, priorities and assessments of surveyed facility managers in the United States, Germany and China across the education, healthcare, data center and commercial real estate industries. The survey findings indicate that facility managers recognize the potential threat of an OT cyberattack and acknowledge the importance of building occupants.
Surprisingly, only 44% of respondents currently have a cybersecurity solution to protect their OT systems from potential threats. Furthermore, only one-third (33%) plan to invest in OT cybersecurity products over the next 12 to 18 months.
OT systems monitor, control and protect processes, equipment and operational environments. Within a building, assets such as HVAC, building management and security systems can all be entry points for bad actors if not adequately protected.
"Conversations about cybersecurity often focus only on IT and safeguarding data and assets, but OT cybersecurity is just as critical when you think of the potential effects. Imagine an entire data center team being denied building access or a hospital that can't properly manage airflow in critical areas," said Mirel Sehic, global director cybersecurity, Honeywell Building Technologies. "A building's OT environment should be monitored and maintained as rigorously as an IT system, but oftentimes the importance of practicing strong cyber and digital hygiene in OT systems is overlooked and underfunded."
The survey found that more than 1 in 4 surveyed facility managers (27%) have experienced a cyber breach of their OT systems in the last 12 months, and 66% of respondents view managing OT cybersecurity as one of their most challenging responsibilities.
COVID-19, among other drivers, has prompted many respondents to adjust their near-term priorities. A majority (56%) are currently more willing to invest in safety-focused solutions (including OT cybersecurity) than they were before the onset of the pandemic.
"While the survey findings indicate that facility managers understand the importance of OT cybersecurity, they lack sufficient, consistent investments to fully protect their buildings and assets," Sehic said. "The impact of cyber incidents can go beyond financial loss; operational and reputational damage can be equally critical, if not more so. As more building owners understand the potential effect of an OT attack on operations and infrastructure, facility managers will be in a better position to make smart buying decisions and heighten cyber resilience across OT environments."
To view the full report, please visit Protecting Operational Technology in Facilities from Cyber Threats: Constraints and Realities.