Cyber security

The Loss Prevention Standard (LSP 2082 : Issue 1.0), published by BRE Global in 2017, defines cyber security as: ‘A system of controls used to protect an organisation, its facilities and other assets (both physical & cyber) from cyber threats.’

Cyberspace is a conceptual world of interconnected digital technology; a virtual meeting place of Internet, databases, email, online networks and other electronic forums. It is the notional ‘space’ where computer networks are connected and communicate.

Cyber security comprises technologies, processes and controls used to protect computer hardware, software and data from attack from spammers, hackers, saboteurs, criminals and other unauthorised persons. Cyber security aims to prevent damage to systems and stop data being made inaccessible.

Cyber security has assumed a more critical role due to society’s increased dependence on computer systems, Wi-Fi, Bluetooth, and the growth of ‘smart’ devices and the Internet of things.

Critical government, national security, medical and financial organisations store vast amounts of electronic data, much of which is of a highly sensitive, personal, intellectual or financial nature. All such agencies face rapidly evolving security risks and so continually adjust their cyber defences, improving, upgrading and bolstering, and generally keeping one step ahead of cyber criminals.

This can be a particular problem in the built environment, where critical infrastructure may be subject to attacks, and the increasing automation of systems such as building management systems can make buildings vulnerable.

The General Data Protection Regulations (GDPR), introduced in Spring 2017, have made it obligatory for every company and organisation to take effective measures to protect personal data or risk being fined.

[edit] Threats to cyber security

As dependence on computer devices and the Internet has grown, so have the number of threats which can come from a multitude of sources, including:

• Denial of service.
• Eavesdropping.
• Keylogging
• Malware.
• Phishing.
• Ransomware.
• Spyware.
• Trojans.
• Viruses.

Defences to these threats include:

• Antivirus software.
• Authentication protocols.
• Authorisation processes.
• Computer access control.
• Encryption.
• Firewalls.
• Mobile secure gateways.
• Secure coding.
• Secure operating systems.

[edit] Related articles on Designing Buildings Wiki

• Adapting your technology to the new working normal.
• Cyber hygiene.
• Cyber resilience.
• Cyber security and engineering
• Cyber threats to building automation and control systems
• Cyber-physical system
• Cyber-security and phishing
• Infrastructure and cyber attacks
• Mitigating online risk.