Securing Building Management Systems (BMS)

Building Management Systems (BMS) — a.k.a Building Automation Systems (BAS) — that are part of facility-related control systems (FRCS) and other U.S. Federal government ICS & SCADA networks serve crucial roles in maintaining safe and effective operation of U.S. Government facilities both at home and abroad. Yet, these systems are often the overlooked aspects of the security of the mission, regardless of whether that mission is defense, diplomatic, or even medical.

With new, numerous and different types of entry points to exploit, the growing connectivity of BMS has made it easier for adversaries to gain unfettered access to mission operations through Facility-related Control Systems (FRCS) and Federal Government buildings, bases, and operations at home and abroad. By prioritizing cybersecurity in building management practices — starting with the adoption of the above principles for securing BMS environments — government agencies and the Services can lay the groundwork for a strong cybersecurity strategy for them. Claroty can help the public sector, and specifically the U.S. Federal Government, across Services and agencies by identifying and addressing vulnerabilities in all of their BMS, critical and otherwise.