Klaus Mochalski and Tim Bauer (FACHSPRECHPARTNER - IT/OT for Building Automation, Facility Management, and Building Operators) discuss the blind spot in smart buildings. Find out why building automation is hardcore OT, why the industry lags years behind in industrial security, and why clients must immediately include this topic in their specifications.
Sound Bites
Tim Bauer: “[...] Building automation is definitely not IT; it’s OT. [...] Because it doesn’t just display data—it influences the physical world. And that, to me, is exactly what OT is.”
Tim Bauer: “[...] I keep getting the feeling that many operators now have digitized buildings, but no digitized operational organization. In other words, the organization isn’t set up at all to address OT security.”
Klaus Mochalski: “Well, I hear very clearly that this has become a recognized issue, but I also gather [...] that in the industrial sector, we’re lagging behind by a good five years when it comes to OT security.”
Tim Bauer: “In the production and industrial environment, I only want to grant access to my knowledgeable staff. In building automation, I actually want to grant access to as many people as possible so that they can utilize the use cases of building automation.”
Tim Bauer: “NIS 2 isn’t really the shocker here. NIS 2 is just holding up a mirror, so to speak, and many are seeing for the first time that their buildings are operated digitally but not managed digitally at all.”
Tim Bauer: “Personally, I believe OT security should be managed as an operational model. [...] That would eliminate questions like: What software do we need to buy to put this issue to rest? Who do we need to hire? Or which processes should we document? No, it should be fully integrated.”
Chapters
00:00 Introduction to Building Automation and OT
05:05 Technical Aspects of Building Automation
08:41 Development of OT Security in Building Automation
12:08 Challenges of OT Security Compared to Industry
16:23 Role of Manufacturers in OT Security
21:06 Regulation and NIST 2 in the Building Sector
23:36 Future of OT Security and Recommendations for Action
Keywords
Building services engineering, OT security, IT security, building automation, smart buildings, critical infrastructure, standards, protocols, responsibilities
