Resiliency in commercial real estate is critical. Success means preventing building downtime from cybersecurity attacks or vendor mismanagement, quickly restoring after an incident, and avoiding unexpected costs—all while enabling innovation, data flow, productivity, and performance.
Not protecting your
LIFE SAFETY INCIDENTS
cost of those consequences
can be substantial.
RANSOMWARE VIA EMAIL
to remediate ransomware
due to personal use
knocked offline resulting in 6,000+ manhours
INADEQUATE BACKUP PLAN
unoccupiable for 2 days resulting in $10k lost rent and 1M hours of lost business
The commercial real estate industry has a systemic, embedded soft underbelly from 40 years of digital systems being designed, installed, and maintained by a value chain devoid of IT and cybersecurity expertise. These systems include HVAC, elevator, lighting, metering, parking, access control, video surveillance, etc. This security gap threatens the very availability of the facility, as well as costs, productivity, life safety, and brand.
These incidents have increased significantly but are not frequently in the news because the incidents rarely involve personal information that is required to be disclosed. However, our customers have learned there are startlingly increasing numbers of examples, including ransomware, killware, hacks, and contractor mismanagement.
Intelligent Buildings can help you achieve cybersecurity.
As documented by PwC, in March of 2022, the Cybersecurity Incident Reporting for Critical Infrastructures Act of 2022 was signed into law. It requires companies that are attacked to report significant cyber incidents, offering protections incentivizing them to report. Also in March of 2022, the Securities and Exchange Commission (SEC) published a proposal for Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies. The SEC’s proposed rules are extensive because, in the words of SEC Chair Gary Gensler, “Investors are looking for consistent, comparable, and decision-useful disclosures so they can put their money in companies that fit their needs”. The commercial real estate industry is increasingly under cybersecurity attack at the building level, which will become apparent when reporting requirements are enforced.
Intelligent Buildings can help you with compliance.
Commercial real estate insurance has gaps and exclusions for building systems and contractor breaches, which can have financial impacts ranging from tens of thousands to millions of dollars. These gaps and exclusions are found in property and casualty, general liability, cyber riders, and notably in director and office policies where new exposure has been identified. We regularly interface with and provide information to insurance companies on risk mitigation from our managed services, including verified backups, zero-trust connections, threat monitoring, and contractor policy audits. This has helped our customers acquire insurance and reduce premiums.
Intelligent Buildings can help you with insurability.
SAFE ACCESS TO DATA
Innovation is necessary to achieve sustainability and occupant experience, and innovation requires digital systems, data analytics, artificial intelligence (AI), the Internet of Things (IoT), and the array of personal technology. The challenge is siloed systems, solutions, and contractors using computers, data, mobile, cloud, and remote connections. It must be built on a cyber secure and resilient foundation, or it could be a house of cards.
Intelligent Buildings can help you access your data safely.
The root of the problem: fragmentation. Unlike most proper IT environments, buildings have hundreds and often thousands of technicians that service only their own siloed systems and do not work directly for the building owners but for their contractor company. As a result, for every 100 buildings, you can have approximately 3,000 individual technicians coming in and out of your buildings, any one of which can create a six or seven-figure problem.
Intelligent Buildings can help you achieve alignment.
OT & IT STANDARDS
Cybersecurity differs from enterprise IT at the building level, and traditional technology and practices simply do not work. There is an area of cybersecurity that IT companies and departments have been unable to tame—the vulnerability, fragmentation, and inconsistency from building systems and contractors are evident in the disorder of the IT components in building systems. To further complicate the problem, traditional IT and IoT companies, solutions, and professionals lack the technical knowledge and cultural awareness of building OT systems.
Many IT firms have attempted to provide smart building solutions and services related to controls systems and have failed. As a result, IT companies are virtually non-existent in the building controls OT.
Intelligent Buildings can help you with OT and IT standards.
Operational risks are a major blind spot for investors and landlords and site assessments should be done on a presentative number and type of buildings for both risk management and acquisition/disposal valuation impact.
- Internal & external exposure
- Asset & device inventory
- Available data from existing contractor
- Policy & contractual requirements
- Proprietary systems & contractual requirements
- Maintenance dependence