Technology in buildings presents substantial risk. Today, building owners, managers or users must get on the front foot with these risks.
WHAT IS RISK?
As the sector starts reviewing the risks that it faces, it is worth defining what is meant by a risk and therefore what should be included on the risk register. According to the International risk standard (ISO 31000:2018) a risk is:
"effect of uncertainty on objectives"
WHAT IS DIGITAL RISK?
Digital risks are simply those uncertainties that exist in an ever more digital world. It is not just the risk of technology itself, but the wider risks that are faced as society embraces technology and we rely on people to use it wisely.
These risks might include how buildings are managed, its brand, the viability of the business models used, changing customer expectations or hidden bias in the data used.
"Digital risk is not just about technology, it is the risks to our buildings in a digital age"
EXAMPLES OF BUILDING DIGITAL RISKS
In 2019, the media reported that cameras in the Kings Cross area were using live facial recognition technology. The property developer faced criticism from the general public and privacy campaigners and the ICO launched a major investigation into its use of the technology.
The Berlin Commissioner for Data Protection and Freedom of Information issued a record fine against a German real estate company for GDPR violations in 2019. The fine was imposed on the company for its failure to comply with basic data protection principles regarding the personal details of its tenants.
A global bank came under widespread criticism when it started monitoring the activities of staff in their office. The computer software was intended to monitor the effectiveness of people's time at their desks but the system discouraged staff from taking any breaks at all, leading to a backlash from staff.
HVAC CYBER ATTACK
A US retailer was victim of a huge data breach when malware was used to steal data on around 40 million debit and credit cards. The sector was shocked when it was revealed that the hacker's entry point was through the retailer’s HVAC (Heating, Ventillation & Air Conditioning) supplier, highlighting the vulnerability of online HVAC systems to a cyberware attack.