[Skip to content]

FM World logo
Text Size: A A A
23 April 2019
View the latest issue of FM
Sign up to Facilitate Daily >
FM World daily e-newsletter logo



WannaCry hit many NHS trusts © iStock

 22 November 2017 | Herpreet Kaur Grewal

Cases of cyber attacks and corporate espionage are on the rise, according to research that highlights the cyber breach of the UK’s National Health Service (NHS) earlier this year.


The WannaCry ransomware froze computers in hospitals across the UK.


Research by Urgent Technology, a global facilities maintenance and asset management software provider, found that according to the Cyber Security Breaches Survey 2017 despite just under half (46 per cent) of all UK businesses experiencing at least one cybersecurity breach or attack in the previous 12 months – rising to two-thirds among medium-sized firms (66 per cent) and 68 per cent for large firms – a sizeable proportion of businesses still do not have basic protection or have not formalised approaches to cybersecurity.


Two-thirds of businesses do not have specific board members responsible for this area. And only 20 per cent of businesses have sent staff to attend any form of cybersecurity training in the past 12 months, and only a third have a formal policy in place.


The study says cyber-hacking is no longer the sole concern of the IT department but “an assault on the entire organisation, from the C-suite, to human resources (HR) and facilities management (FM)”.


It added: “As the lynchpin behind the maintenance of a building’s operational integrity, today’s FM plays an important role in protecting systems against hackers as well as meeting the latest regulatory standards.”


In its white paper the company explains how these divisions can work together to become the guardians of an organisation’s security and data, covering the following areas: 

• Key areas of vulnerability: A particular area of vulnerability is access by end users to any part of the network. Employee security training should educate staff on what habits could compromise organisational security and enable hackers to exploit the building automation systems (BAS) or networked systems.

• The consequences of ignoring the threat of cyber-breaches: Ignoring the threat of cyber-breaches could have far-reaching consequences, including physical damage to equipment or infrastructure, theft of high-value property, loss of revenue and loss of customer confidence.  

•  The opportunities and challenges of IoT: The growing use of the Internet of Things (IoT), which connects devices throughout a building or even an entire city, brings many operational benefits by helping to automate building services, but also opens up the real risk of organisations being hacked through their building management systems (BMS).

• Data protection and the Cloud: It’s important to establish a best practice strategy to secure data in the Cloud, protect data integrity while in transit over the public internet, and securely provision devices. With the introduction of General Data Protection Regulation (GDPR), organisations are not only tasked with keeping personal data up to date, safe and confidential, but they’re also responsible for ensuring that there are the correct access protocols in place.

• The FM’s role in preventing cyber-attack: To address the cybersecurity risks that may affect their organisation, FMs first need to acknowledge that they have a crucial role to play. This is because, due to the evolution of information technology within the workplace, the responsibility for data security has tended to be viewed as the remit of the IT department.


Jesse Klebba, Urgent Technology CEO, said: “FMs and their organisations face significant challenges in the future in combating the cyber threats posed by the convergence of physical assets within a building with data.

"This is why a wide-ranging and proactive approach should be taken to ensure that the FM can reap the undoubted benefits of workplace digitisation, while ensuring that facilities are not open to undue risks. In the future, FM and IT must always remain alert to the latest cyber threats, and must work together with their software supply chain to help reduce the likelihood of data breaches.”


To download the Cyber-threat and the FM Solution white paper, please visit: https://urgtech.com/cyber-threat-whitepaper