BCS January 2022 Update

  • Post author:
  • Post category:Blog
  • Post comments:0 Comments

Advancing Security and Safety In a Smarter World

Our Mission

Establish products and services developed by private sector stakeholders to enhance human safety and protect asset value by offering marketdriven options and frontend insurance incentives to promote cyber protections in smart technologies across multiple sectors.

Our Vision

As global nonprofit entity, Building Cyber Security (BCS) will collaborate with the
insurance industry to incentivize investments in operational technologies, processes, training, and recovery plans to reduce cyber risk to business brand, operations, and personnel.

The Problem

Integrated Operational Technologies (OT) in smart buildings, machines, and
industries for a more efficient and convenient world offer new vectors of risk to asset value and performance are not being complemented by a commensurate cyber safety/security framework to mitigate risk to lives, property, or resources. The general public does not have programs or consumer choice in the market to counter the risks presented by the exploitation of smart technologies to threaten homes, cars, work areas, or essential services.

The Threat

Bad cyberenabled actors (criminals, terrorists, disgruntled employees, etc) are
increasingly attracted to buildings and infrastructure for ransom payouts and other destructive activities due to the combination of high asset value, compelling threats to human safety, and relatively low cybersecurity protections. Governments do not have the flexibility to quickly respond to this threat to the
built environment. As a result, asset owners, operators, occupiers investors, and insurers have increased portfolio liability and risk leading to volatility in insurer offers for cyber, property, and casualty policies.

The Costs

According to the World Economic Forum, cyberattacks are cited as No. 1 in the top 10 global business risks. Gartner predicts that the financial impact of CPS attacks resulting in fatal casualties will reach over $50 billion by 2023. Cybersecurity Ventures expects global cyber-crime costs to grow by 15 percent per year over the next five years, reaching $10.5 trillion annually by 2025. This represents the greatest transfer of economic wealth in history.

The Liability

Gartner predicts 75% of CEO’s will be personally liable for cyberphysical security
incidents by 2024.
Cybersecurity claims have skyrocketed in 2021, particularly from ransomware attacks targeting high value assets with low cyber security postures. “Failing to properly maintain reasonable cyber security measures, procedures, and practices appropriate to the nature and scope of business operations” has become the primary claim in a growing number of class action lawsuits.

A Global Solution

BCS understands that smart technologies must incorporate cyber security and
safety engineering to minimize the potential of an unsafe condition. BCS is translating existing global OT cybersecurity standards into a dynamic, actionable framework and certification program that will reward investors who adopt robust and persistent cyber protections. A tiered (platinum, gold, silver, bronze)
certification process rewarding the selection of technologies, their design and integration, and life cycle management will allow stakeholders to determine the level of safety commensurate with their business risk. Executives will be able to receive consistent feedback on the status and effectiveness of cyber protections throughout the enterprise. Investments in certifications will be returned through reduced insurance rates, less business disruption, and increased employee/customer/client/ consumer confidence.

Progress

BCS is organized to implement frameworks, certifications, and training programs to meet specific industry cyber protection needs in six industry vertical councils (real estate/facilities, healthcare, automation/robotics, transportation, consumer devices, and infrastructure)

BCS is involved with 300 companies including Facility Owners & Operators, Critical Infrastructure operators, Control Systems Manufacturers, Original Equipment Manufacturers, Equipment Installers, Standards Organizations, Audit Agencies, Technology System Integrators, Smart Device Manufacturers, Engineering Companies, Insurance Companies, Cyber Services Companies, Microelectronic developers.

BCS’s Technical Working Group comprised of national experts in the protection of smart operations technologies donated thousands of hours to develop the first national BCS Framework for cyber safety in facilities and real estate. An unprecedented industry effort.

Over 25 critical reviews of the Framework were conducted by BCS members and stakeholders to prepare for the next phase of framework testing and refinement across a range of asset types.

A wide range of institutional and private owners, large occupiers and property management companies represented by over 100 Commercial Real Estate entities, along with real estate associations, is leading adoption of the framework. BCS is currently testing the framework for buildings.

BCS is engaging with insurance underwriters with the strong support of our founding member, AON, to apply the framework to client risk reviews and determine insurance incentives for BCS certifications.

BCS Membership has grown by over 100% in 2021 through interest in our mission from national headlines, the efforts of our advisors and stakeholders.

We formalized partnerships with the International Society of Automation (ISA), the National Electrical Manufacturers Association (NEMA), the Center for Internet Security (CIS). REALCOMM’s Real Estate Cyber Consortium (RECC), and the Telecommunications Industry Association (TIA).

We initiated working groups with the Society of American Military Engineers (SAME) and the Association for the Advancement of American Infrastructure (AIAI) to update cyber protection design and construction standards for federal facilities and critical state and local public works. projects funded partially by the $1.2 trillion Infrastructure Investment and Jobs Act.

Looking forward to 2022, we are postured to achieve the following:

  • Publicly release the framework to our first industry sector commercial real estate
  • Establish a certification and training program for licensed entities to implement the BCS framework
  • Finalize the costs and range of insurance incentives to obtain a BCS certification
  • Grow BCS Membership and pursue other resources to fund the growth of the framework into the
    industrial and public services sectors
  • Expand public awareness of the products and services offered by BCS for public safety
  • Generate funds through federal requests for design and engineering reviews
  • Increased collaboration with local/state/federal agencies on implementation of the framework

As headlines confirm, the cyber threat is growing more sophisticated every day. The private sector ecosystem in BCS is taking bold action now to incentivize proactive cybersecurity protections for physical safety in an increasingly smart world building cyber security.

Leave a Reply