Buildings are becoming increasingly reliant on
technologies that allow centralized monitoring and control of multiple building
systems (such as building automation, fire and life safety, energy management,
physical security, access control, etc.), to assist in accomplishing design and
operational goals. Unfortunately, these new access points, including smart
meters and enterprise energy management systems, have potential vulnerabilities.
The traditional information technology (IT) and building systems operational
technology (OT) are now converging into one data backbone and a new
cybersecurity paradigm must now encompass these converged systems.
The Cybersecurity of Buildings Workshop: OT and IT Convergence
– A New Paradigm, to be held Monday, January 6, 1:30 pm – 5:00 pm as
part of Building Innovation 2014:
the National Institute of Building Sciences Conference and Expo, will
provide an overview of building control systems; explain what federal agencies
and the private sector are doing to develop standards, guidelines, and tools;
offer best practices to help building owners, operators and maintainers create
an Operations Center and Test and Development environment; and culminate in a
live demonstration of a cyber-attack and defense on building control
systems.
Since passage of the Federal Information Security
Management Act (FISMA) in 2002, federal agencies have been required to meet
stringent cybersecurity standards for traditional information technology (IT)
systems. However, the development of protection and analysis standards for
building control systems is only just beginning for the private sector. The
challenge is that the cybersecurity standards and methods used for traditional
IT processes are likely ineffective or even detrimental to building control
systems.
In February 2013, President Obama issued the
Executive Order "Improving Critical Infrastructure Cybersecurity” in response to
the exponential rise in attacks against OT. It is essential for every
organization to understand how an attack can compromise building systems; the
tools cyber-attackers use; the potential damage that could occur; and how
building owners and managers can respond and recover after a cyber-event.
Speakers include:
- Michael Chipley,
The PMC Group LLC - Lisa Kaiser, U.S.
Department of Homeland Security (DHS) Industrial Control System Cyber Emergency
Response Team (ICS-CERT) - Daryl Haegley,
U.S. Department of Defense Business Enterprise Integration Office - Michael Morris,
Root9b - Robert Talbot,
Parsons Government Services - John Saunders,
Professor of Systems Management, National Defense University
The fundamental concept attendees will come away
with is, "Your systems will be attacked and compromised. You need Inbound
Protection, Outbound Detection.”
Don’t miss the Cybersecurity of Buildings
Workshop to receive an overview of building control systems and cybersecurity
efforts; hear about cybersecurity initiatives and tools; and learn about
attacking and defending building control systems and networks.
To attend only the Cybersecurity of
Buildings Workshop or any other free meetings held during Building Innovation
2014: the National Institute of Building Sciences Conference and Expo,
select from the Meetings Only registration options: event tickets 5A or 5B. Register now.
But don’t just come for the Workshop.
Building Innovation 2014 has a number of educational symposia
and meetings occurring during the week focused on hazard maintenance,
information technology, facility maintenance and operations. Plan to attend the
whole Conference.
Register before December
31, 2013, to attend the full Building Innovation 2014
Conference & Expo and save $100 or more off onsite
registration.