Shop cart

Welcome

Programme of publications and activity - Cyber Security Consortium

Details of proposed publications and future work of the Consortium.

Consortium members have free access to a host of current materials to ensure you are up-to-date with the latest guidance. As a member, you can also volunteer to join one of our technical committees who will be producing our future guidance - you could be informing the industry by working on the following:

Proposed publications

1. Code of Practice for Cyber Security in the Built Environment

(a)   Introduction
(b)   Managing Cyber Security – provides an understanding of the principles behind a  good practice approach to managing cyber security.
(c)   Managing ‘Policy’ Aspects – provides advice to help understand the policy aspects of good practice guidance, supported by self-assessment questions to allow a better understanding of the current situation.
(d)   Managing ‘Procedure’ Aspects – provides advice to help understand the procedure aspects of good practice guidance, supported by self-assessment questions to allow a better understanding of the current situation.
(e)   Managing ‘People’ Aspects – provides advice to help understand the people aspects of good practice guidance, supported by self-assessment questions to allow a better understanding of the current situation.
(f)    Managing Specific Issues – will discuss specific technical issues that may be applicable to the organisation and their occupation or use of the built environment.
(g)   Self-Assessment Evaluation – provides a summary of the self-assessment questions and allows the organisation to evaluate their built environment related cyber security performance as compared to good practice.
(h)   Next Steps – describes the steps an organisation should take having completed the self-assessment evaluation of their current approach to managing built environment related cyber security.
(i)    Appendix A – Glossary
(j)    Appendix B – References

2. Guide to Smart Systems Interconnection

This Guide addresses the cyber security implications of interconnecting systems, both those under the control of the building owner and operators, and those controlled by third parties including tenants and occupiers. It will examine the types of solutions available to provide protection at the interfaces and thus limit the effects of any intrusion or malicious activity. It will identify the key points to be addressed in the planning and implementation of any systems integration or interconnection.

3. Guide to Remote Access by Third Parties

This Guide addresses the cyber security implications and issues related to the remote access to building systems by third parties, e.g. manufacturers, suppliers or support contractors. It will provide advice on the steps that should be considered when planning such connections and the policies and procedures that should be in place to manage these connections. Examples include remote monitoring of plant and machinery and access to IT-based systems to allow remote control of software updates.

4. Guide to Cyber Security for Building Information Modelling (BIM)

This Guide will focus on key cyber security issues related to the implementation and use of BIM within an architecture, construction or engineering organisation. It will highlight key points that need to be addressed in order to ensure that the modelling information is handled in an appropriate manner from a cyber security perspective.

Future work plan

Following on from this initial work, it is planned that further Guides will be produced. Potential future topics include:

  • systems maintenance;
  • data protection and privacy;
  • cyber security and the supply chain;
  • incident management.