SECURITY
SECURITY
SECURITY
Fresh look at building automation security exposes network vulnerability
Engineers at Forescout Technologies Inc. call it the “wow effect.”
When they meet with a client and present a complete overview of a network, the response is invariably a jaw-dropping, forehead-slapping exclamation. Many surprised customers often had no knowledge of how many devices were online or the threat exposure that created.
“They had no idea that a camera was directly connected to the internet,” said Elisa Costante (pictured), senior director of industrial and operational technology innovation at Forescout. “We basically bring light on the dark side of the network. We are looking at all of those tiny devices that you do not expect to be on your network and what they can do.”
Costante spoke with Jeff Frick (@JeffFrick), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the RSA Conference in San Francisco. They discussed the challenge facing many buildings with legacy systems today and the need for network visibility to prevent the spread of viruses in critical institutions. (* Disclosure below.)
Lack of security in legacy systems
In many facilities, building systems are legacy-driven, using older technology that was developed without security in mind. Facilities managers are often reluctant to replace their legacy systems, and information technology is bolted on top.
This is where things can go seriously wrong. “Sixty percent of buildings today are controlled and managed by systems that are 20 years old,” Costante explained. “But you’ve made an investment and you don’t want to change.”
The result can be an attack such as the WannaCry virus, a ransomware worm that spread like wildfire across global computer networks in 2017. WannaCry victimized many hospitals, including the National Health Service in Great Britain.
The vulnerability of public health organizations as a result of one virus highlighted the need for network visibility in an operational technology grid, understanding what devices are connected in real-time.
“You could have the controller for your heating, ventilation and air conditioning exposed to the internet and pull down all of the air conditioning in a hospital, for instance,” Costante said. “WannaCry put down a lot of hospitals.”
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference. (* Disclosure: Forescout Technologies Inc. sponsors theCUBE’s coverage of the RSA Conference. Neither Forescout nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Photo: SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Support our open free content by sharing and engaging with our content and community.
Join theCUBE Alumni Trust Network
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
11.4k+
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
