This month, as the 2020 edition of the Construction Specifications Institute’s MasterFormat® rolls out – the specifications-writing standard for North America’s commercial building design and construction projects – a new requirement will come with it: Integrators must now ensure that Division 27 and Division 28 cybersecurity standards are met and included in all projects.
Because many of the AV, security, life safety, and communications systems integrators now design and deploy are connecting to clients’ enterprise networks, integrators face a new responsibility: These solutions not only need to work correctly, but they need to be secure to eliminate potential vulnerabilities for clients.
Because of this requirement, we anticipate that clients in all markets will also begin asking more questions about integrators’ cybersecurity policies (both internal and external) before projects move forward:
- Do you have cyber insurance?
- What assurance can you provide that the systems and devices you’re connecting to my network won’t create security issues?
- Will you be monitoring these devices and systems for potential threats?
- What response plans do you have in place in case of a breach or security incident?
Selling a system that isn’t properly secured is now considered just as bad as selling a system that doesn’t work as promised.
When cybersecurity is ignored, you not only leave customers vulnerable to attacks, but you also prevent your business from being able to take on lucrative projects that involve cybersecurity (and these types of projects are growing rapidly).
“If you don’t comply, you’ll lose business,” says NSCA Executive Director Chuck Wilson.
He shared his thoughts – and tips on how you can be prepared – with Defendify Cofounder Rob Simopoulos on a recent podcast.