Welcome

Press release

IET warns that buildings need improved cyber security practices to safeguard against hackers

05 November 2014


The Institution of Engineering and Technology (IET) has launched a new guide, Code of Practice: Cyber Security in the Built Environment, to help building owners develop more effective cyber security management to protect their building management systems and information from cyber attack.

With a focus on practical advice, the new guide explains how to protect a building’s systems from hackers and other unavoidable incidents, as well as how to improve their business continuity processes. It also covers personnel security advice as today’s building management must also consider threats from disgruntled staff or contractors.

The premise for the Code of Practice is that building owners, operators and occupiers need to understand cyber security and promote awareness to a building’s stakeholders.  This includes giving appropriate briefing to the design, construction and facilities management teams.

Hugh Boyes, IET Cyber Security Lead and author of the Code of Practice, said: “It’s common practice now for all parties involved in building construction and management to operate in line with stringent health and safety practices.  Failure to address cyber security risks could have just as dire consequences as neglecting health and safety, such as serious injury or fatality, disruption or damage to building systems and loss of use of the building, and yet awareness of the issue is markedly lower.

“It’s tempting to think that hackers attacking buildings and their operating systems are the reserve of science fiction movies, but these kinds of attacks are already starting to happen in real life. Hackers have attacked building management systems governing heating, ventilation and air conditioning systems. There is also the example of a cyber-attack on the Target group of stores in the US, which was initiated using remote access credentials from one of the company’s contractors. In this example, the hacker was able to gain access to the corporate network, resulting in the theft of card details for over 140 million credit cards.

“While hacker attacks of this kind remain relatively rare, building owners and managers can’t afford to be complacent.”

Buildings are becoming increasingly complex and dependent on the extensive use of information and communications technologies. The Code of Practice explains why it is essential that cyber security is considered throughout a building’s lifecycle and the potential financial, reputational and safety consequences that may arise if cyber security threats are ignored.

It provides clear user-friendly guidance to help people from a wide range of technical and non-technical backgrounds understand how managing cyber security applies to their job roles – and outlines their personal responsibilities in maintaining the security of the building.

For more information, visit: http://www.theiet.org/resources/standards/index.cfm

Media enquiries to:

Hannah Kellett
External Communications Manager

Tel: +44 (0)1438 767336
Mob: +44 (0)7738 602426
Email: HKellett@theiet.org

Notes to editors:

  • Interview opportunities are available with IET spokespeople from a broad range of engineering and technology disciplines including cyber-security, energy, engineering skills, innovation, manufacturing, technology, transport and women in engineering.
  • The IET is one of the world’s largest engineering institutions with nearly 160,000 members in 127 countries. It is also the most multidisciplinary – to reflect the increasingly diverse nature of engineering in the 21st century. Energy, transport, manufacturing, information and communications, and the built environment: the IET covers them all.
  • The IET is working to engineer a better world by inspiring, informing and influencing our members, engineers and technicians, and all those who are touched by, or touch, the work of engineers.
  • We want to build the profile of engineering and change outdated perceptions about engineering in order to tackle the skills gap. This includes encouraging more women to become engineers and growing the number of engineering apprentices.