Mission Impossible: Cyber Security In Property Management
Modern buildings, like modern life, rely on technology massively. We have all seen films where buildings are hacked in an effort to retrieve sensitive information, either on a commercial or national security level.
But, that is just in the movies. Tom Cruise cannot really hack into the Burj Khalifa with the help of Simon Pegg? It cannot and does not happen in real life. Cyber security is important but it is the IT person's job to manage it, right?
Nothing could be further from the truth according to CBRE Managing Director Enda Luddy.
Speaking at CBRE’s market outlook event he explained that how we manage and occupy real estate is increasingly dependent on systems with IP enabled technologies which hugely improve the efficiency and functionality of the modern building.
However, Luddy warns, therein lies the problem. All IP enabled technologies can be hacked, which means the safety of your building should be a priority for all property managers, landlords and owners.
The building management system, fire alarms, lifts, heating, air conditioning, access control, the sprinkler system and the security system are all areas which can be vulnerable to outside threats.
Corporate deals could be at risk if the security system is hacked, according to Luddy.
The camera system within your building can easily be accessed to allow interested third parties view people visiting your building, with advanced facial recognition techniques making it possible to identify these people.
In the majority of cases this will not cause anything other than a minor irritant, but in some cases knowing the identity of the visitors to your business could reveal the possibility of a large deal such as a merger, with significant money to be made from being aware of this sensitive information.
“Probably of more concern is the threat to destroy your fire alarm or lift controls. Doing this would make it impossible to occupy your building until a new system is installed which could take weeks,” Luddy said.
“The threat is real and will impact all properties, from offices to hotels to retail, industrial and residential,” Luddy added.
He also warned of the necessity of being vigilant with the vetting of maintenance companies for the IT systems that are so heavily relied upon. “It is so easy to infect equipment with a virus that could lay dormant and be activated at a time in the future or cause huge damage immediately.”
Luddy said that cyber security ratings (like energy ratings) will soon be a feature in buildings to inform occupiers when they are searching for space. “Currently occupiers are grappling with cyber security and how it impacts their business. Many people will be aware of the Maginot line — a huge defensive line built by France after the First World War to defend their border. But the aggressor took the back door, totally negating the value of the defensive line.”
Firewalls and protections on internal systems have been a key part of business for some time but many occupiers will now start looking at the buildings they occupy and how cyber secure they are.
“Occupying a building at risk could result in occupiers being denied access to buildings due to health and safety risks after a cyber attack. As owners, occupiers and managers of buildings we need to be proactive in ensuring our buildings set the highest standards of cyber security.”
Though Luddy thinks it likely that the first cyber-attack on a building will be in one of the world’s larger cities it should not be a reason for property managers in Dublin to be complacent because secure buildings will be more attractive to occupiers.
"Don’t be surprised to hear occupiers and investors asking the cyber question over the coming years," he said. "Our buildings are vulnerable but we can secure them by minimising risk exposure — and these buildings are the ones that occupiers will want to occupy.”