[Skip to content]

FM World logo
Text Size: A A A
23 February 2019
View the latest issue of FM
Sign up to Facilitate Daily >
FM World daily e-newsletter logo



FMs are managing huge swathes of technology

6 March 2018 | Herpreet Kaur Grewal


The UK faces catastrophe if it does not step up cybersecurity measures, according to a cybersecurity consultant speaking at the BIFM London conference this week.


Mike Gillespie, a consultant at information security and physical security consultancy Advent IM, told delegates that cybersecurity was important because of the increasing “interconnected of the world”. A single device can have access to CCTV and building systems, and “as soon as they are connected to the internet they are a target” he said.


He said “this was not a security problem but a business problem” and it affects all departments.


He said facilities managers were still not aware how much at risk organisations were. Gillespie said: “Many systems such as air conditioning, heating and ventilation have been offline, on their own network but over years, partly because of functional reasons – such as being able to access these systems remotely – these systems have become joined up and online.


“Too many facilities managers are thinking of systems such as CCTV as offline, but they are not. FMs are managing huge swathes of technology that is under the risk of attacks. They are managing systems thinking they are safe, but they are inherently unsafe.”


He said FMs need to become “better engaged with those who understand cybersecurity in their own organisations and other organisations” and “they need to look at good-quality education about cybersecurity for themselves and others and have a systems security check” as a matter of course.


“The threat is holistic so we have to have holistic solutions,” said Gillespie.


He advised FMs to first look at “what they are managing that is connected to the internet, engage with physical and cybersecurity specialists to really understand the vulnerability of equipment and communicate that vulnerability to the board”.