Johnson Controls publishes cybersecurity 'call to action'

CORK, Ireland—Johnson Controls released a “call to action” whitepaper on cybersecurity this week in an effort to help the industry to better protect all of the data that is being produced throughout smart buildings today.

“As data becomes more and more prevalent throughout the buildings where we live and work, so does the need to protect that data; it is no longer enough for a building to be smart—it must now be cybersmart,” according to the new whitepaper, “Cybersmart Buildings - Securing Your Investment in Connectivity and Automation” published jointly by Johnson Controls and Booz Allen Hamilton, a management and technology consulting and engineering firm. This whitepaper provides a roadmap for building managers, building owners, contractors and others to act to protect their information.

“Research clearly demonstrates that cybersecurity is a critical need at a critical hour for buildings around the world,” Bill Jackson, president, Johnson Controls Global Products, said in the announcement. “As building technology and data converge, we must be increasingly vigilant.”

This collaboration between two companies, with more than 200 years of combined expertise in their industries, illustrates the progress being made in raising awareness of the need for cybersecure smart buildings, coined “cybersmart buildings” in the white paper.

“Securing smart buildings and building systems more generally, is a shared responsibility requiring focus and commitment from the manufacturer, integrator, and customer,” Jason Rosselot, director of Johnson Controls' global product security, said in the release. “Just as two industry leading companies were able to collaborate to create this whitepaper, so too can smart building stakeholders partner to follow these recommendations and create cybersmart buildings.”

Jackson added, “Defending against cyber threats today and tomorrow requires the secure design, development and deployment of building automation systems and controls.”

According to the 2016 State of Industrial Control System (ICS) Security Survey by SANS, 67 percent of participants perceived severe or high levels of threat to control systems, up from 43 percent in 2015.

“Smart buildings are now at the forefront of this battle—with tremendous complexity and integration of systems, they represent an increasingly valuable target,” according to the whitepaper. “Connectivity and automation create entry points for cyber attacks with potential safety, continuity, quality and privacy impact. But we can't let this risk cripple innovation.”

According to the whitepaper authors, cybersecurity can be “a business enabler for smart buildings. When done well, cybersecurity is about insuring your investment and assuring your ability to reap the transformative benefits that connectivity offers,” including working “with the right partners to secure your investments when assessing and deploying smart building systems or retrofits.”

The whitepaper, which can be found here, summarizes key insights to help set an agenda for cybersmart buildings.