Cybersecurity Awareness Month was started in 2004 by the President of the United States and Congress. Since then, every October has been a time for both private and public sectors to collaborate and draw attention to the issue of cybersecurity.
In the information age, the data contained within a facility’s complex information systems have a high value placed on them. Many outside parties, such as hackers and other cybercriminals, want access to that information so they can sell it off. For facilities management, this means keeping these systems and sensitive data secured.
To do so, Cybersecurity and Infrastructure Security Agency (CISA) recommends the following four steps that everyone, including facilities managers, can take:
“As cyber threats become more sophisticated, individuals and families, small and medium businesses, and large companies all have an important role to play to in keeping our digital world safe and secure,” says Jen Easterly, CISA director in a news release.
Another measure facility managers can adopt is called “zero trust.” Essentially, zero trust treats anyone who wishes to access an organization’s resources as untrustworthy from the start. These individuals are then required to go through and pass a series of checks, like multifactor authentication, before they can obtain access.
“For instance, the one that we use does not allow anything to leave the physical site of the client, even for assessment as to its first veracity and second security,” Charlie Regan, chief executive officer at Nerds On Site, once told Healthcare Facilities Today. “All the major players send information up to the cloud to a central clearance depot. Now with the journey to the cloud, there is a potential breach at the cloud, and then on the way back. What we use does not send anything away to be assessed. It is always done on site in the server and network environment of the client.”
Zero trust is but one of several methods out there for facilities to take note of for their cybersecurity strategies. There are many different approaches available that organizations and facilities management can take to defend their information systems and sensitive data.
In addition, facility managers play a large role in maintaining cybersecurity for their organizations. Regan says that the role facilities management plays in maintaining the cybersecurity infrastructure is a 24/7 job. Also, information and data are continually exchanged, with most of it even flying under the radar of organizations.
With that reality comes something Regan refers to as data drip, which is when “cyber bots” breach systems to assess the value of data and bring that data out of an organization’s system. He adds that facility managers must keep an ever-watchful eye on data drip and even track down where it goes, such as foreign countries or organizations.
Facilities management has an around-the-clock responsibility to keep tabs on their organization’s data. However, they also have a myriad of options available to them to approach this responsibility. Careful consideration and collaboration on facility managers’ part are critical to cybersecurity.
Jeff Wardon, Jr. is the assistant editor for the facilities market.
