We are currently involved in a three-year NSF-funded research project on the Internet of Things (IoT) and Cybersecurity. IoT devices are increasingly a standard component of buildings. As these sensors are connected to the internet and networked to building technology (such as heating and lights), they introduce potential security vulnerabilities. Although technical solutions exist to counter security issues, implementation of these solutions are often impeded by the challenges that an organization’s Information Technology (IT) staff and a building’s Operations and Maintenance (O&M) staff have when they work closely together and share their knowledge about computer security and how buildings operate. These difficulties arise from different ways of working and different points of view about how technology works. These challenges, in combination with a policy environment that rarely regulates IoT devices, increases risk, leaving buildings vulnerable to attack.

Our project will address these challenges by studying two critical areas: (1) how O&M and IT groups currently share their knowledge and skills in order to improve IoT security and (2) how public policies and an organization’s own rules regarding privacy and security impact how IT and O&M collaborate. The results of this study will generate knowledge around how IT and O&M professionals can work more effectively together to improve the security of our nation’s buildings and offer insights into how public policy may affect professional cybersecurity collaboration to manage IoT risk.

This project is a joint venture of the Communication, Technology, and Organizational Practices (CTOP) Lab and the Cyber-BE lab.

NSF #1932769, “SaTC: CORE: Medium: Knowledge Work and Coordination to Improve O&M and IT Collaboration to Keep Our Buildings Smart AND Secure.”