Building Automation

BACnet Security Issues and How to Mitigate Cyber Risks

BACnet is a commonly used protocol for building automation and operational technology (OT) systems, and is used to establish communication between various devices in a network. Because BACnet-based building systems were originally deployed in isolated (air-gapped) environments, BACnet was not designed with security. Therefore, millions of BACnet devices are lacking common security mechanisms such as…

Read More

BACnet MS/TP Security Risks and Vulnerabilities

What is BACnet MS/TP? BACnet MS/TP (Master-Slave/Token-Passing) is a widely used communication protocol in building automation and control systems. BACnet MS/TP is implemented with a shared bus and one or more building control devices daisy-chained along the wiring from a controller or a BACnet IP router/gateway. BACnet MS/TP Scalability The maximum number of BACnet MS/TP…

Read More

Smart Building Cybersecurity Best Practices

Understanding Smart Buildings Smart Buildings are structures equipped with a network of interconnected devices, sensors, and systems that collect and exchange data to optimize various aspects of building operations including operational efficiency, sustainability, occupant comfort and experience. These connected components include heating, ventilation, and air conditioning (HVAC) systems, lighting, access control, elevators, life safety, and…

Read More

AHR Expo 2024 Event Preview

Veridify Security will be exhibiting at the AHR Expo 2024 in booth S6174. Our demo is getting assembled and being prepared to be shipped to Chicago! Verdify will be exhibiting a live demo of DOME™, a building automation cybersecurity platform that protects both new and existing building automation devices.  The newly revised demo platform will…

Read More

How to Conduct a Cybersecurity Risk Assessment for Smart Buildings

As smart buildings are becoming increasingly prevalent, the integration of advanced technologies into the infrastructure of these structures introduces a myriad of cybersecurity risks. Conducting a comprehensive cybersecurity risk assessment is imperative to identify potential threats, vulnerabilities, and safeguard the integrity of smart building systems. This blog post will explore key steps and considerations involved…

Read More

Building Automation Systems, Smart Buildings, and 5 Ways to Make Them Cyber Secure

Watch this webinar replay of “Building Automation Systems, Smart Buildings, and 5 Ways to Make Them Cyber Secure” to learn about cybersecurity for buildings. Buildings are becoming more connected and more at risk to cyberattacks. This webinar will address the following items: • Connected building trends • Building controls advancements and operating efficiencies • Connected…

Read More

Cybersecurity threats to hospitals and healthcare facility building management systems

A recent cyberattack forced a healthcare organization to cancel non-emergency surgeries and send some emergency patients to other facilities. In another attack, a hospital took it’s critical systems offline, impacting patient safety, requiring less efficient care methods, which also increased labor demands. It’s still impacted two years later. Cyberattacks on hospital and healthcare facilities increased…

Read More

Zero Trust Security for Building Automation: What You Need to Know

Building automation systems (BAS) are becoming increasingly common in commercial buildings, providing centralized control of building operations, including HVAC, lighting, access control, elevators, and life safety systems. While these systems can increase energy efficiency and reduce costs, they also pose significant security risks. In recent years, there have been several high-profile attacks on building automation…

Read More

Cyberattacks on K-12 Schools and Higher Education

K-12 schools and universities are increasingly becoming targets for cyberattacks due to the valuable information they hold, such as student and staff personal data, financial information, and research data. Cyberattack statistics include: Proofpoint found that 90% of higher education institutions experienced at least one successful phishing attack in 2019. Malwarebytes found that the education sector…

Read More