The risk profile of current and emerging cyber threats to commercial and institutional building sites cannot be overstated. Sites include and may not be limited to critical utilities such electric, water and waste management, hospitals, nursing homes, schools, airports, stadiums, office buildings, prisons, and courts. Protecting these sites from bad actions or errors from employees can minimize outside takeover of operational systems, and risk to loss of life, personal injury, and harm to the environment. Threats are being orchestrated by increasingly sophisticated bad actors that can include nation-states, terrorists, organized crime syndicates, and other individual or sponsored hackers. This panel will review a framework architected by non-profit entity called BuildingCyberSecurity.Org to assign a risk assessment score at each site using a method called Cyber-Physical Impact Modeling (“CIM”).

This approach serves to incentivize comprehensive enhancement of technology, processes, and training to respond to a rapidly evolving cyber-physical threat. The strategic intent is to achieve highest short and long-term reduction of risk and cost that may be triggered by a disruption or adverse alteration to building operations, per highest emphasis on hazard mitigation from personal injury, loss of life, and harm to the environment. Core to each CIM is harmonizing existing government frameworks, such as ISA/IES 62443 and the NIST Tier Model and convert for private industry adoption, as per application of subject matter expertise in: a). Building Management Systems, b) Telecom networks, c). Artificial Intelligence, d). Data science, e). IoT sensors, f) EH&S policies, and g). Digital twins for virtual interactions and behavioral mapping to understand & apply correlations to targeted business outcomes. A resulting learning-curve provides decision makers evidence-based logic to optimize risk reduction with workplace satisfaction and financial outcomes. It is the intent of this panel to foster a collaborative and forward-thinking discussion architected to drive positive change in the building sector.

Learning objectives:

• Understand that that the risk profile of current and emerging cyber threats to undermine the functional, operational, and safety needs of occupants and owners of commercial and institutional buildings cannot be overstated.
• Understand the need for a trusted cyber-physical framework for scoring the risk profile to protect building management systems and reduce risks to life, safety and health for protection of employees and visitors.
• Gain understanding and access to implement a market-driven cyber-physical framework created by cyber-secure stakeholders to improve physical citizen security and safety called Cyber-physical Impact Modeling (“CIM”).
• Understand that the strategic intent of this framework is to achieve highest short and long-term reduction of risk and cost that may be triggered by a disruption or adverse alteration to building operations, per highest emphasis on hazard mitigation from personal injury, loss of life, and harm to the environment.