October marks Breast Cancer Awareness Month, Hispanic Heritage Month and — perhaps lesser known — Cybersecurity Awareness Month. First declared by the president and Congress in 2004, this annual, month-long initiative has grown into a collaborative effort between government and industry to generate discussion of cybersecurity, increasing awareness and decreasing risk.
As our world grows increasingly digital and Internet of Things (IoT) technology becomes more prevalent, cybersecurity has become a topic of conversation within the vertical-transportation (VT) industry. In 2020, National Elevator Industry, Inc. (NEII) published Elevator and Escalator Industry Cybersecurity Best Practices. This guideline was developed alongside cybersecurity and codes experts from NEII member companies, VT associations and technical experts to address new technology that “takes elevators and escalators to new levels in availability, efficiency and general building safety … [and] presents exposures to the world of cyber threats such as denial of service attacks.”
To prevent hostile cyberattacks, some companies have enlisted friendly hackers, computer experts who use their skills to expose weaknesses in a security system, providing valuable insight. KONE recently co-sponsored a “white-hat” hacking competition at the annual Disobey Nordic Security Event in Helsinki, Finland. The “Capture the Flag” challenge saw hacker teams race to find a vulnerability in a KONE test monitoring system and exploit it. KONE also offers a financial reward incentive program called a “bug bounty” in which selected ethical hackers are asked to probe services and products to expose potential vulnerabilities.
Later this month, Liftinstituut will hold a one-day live training on cybersecurity for the lift and escalator industry, covering the risks of IoT capability, cybersecurity laws and standards and how to implement cybersecure best practices. ISO 8102-20 cybersecurity requirements for VT equipment, first introduced in 2022, will also be covered. The seminar is planned on October 16, in Munich, Germany, coinciding with interlift.
In recognition of the 20th year of Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) announced a new cybersecurity awareness program. “Secure Our World” focuses on how individuals, families and small to medium-sized businesses can improve security by taking four critical actions:
- Use strong passwords.
- Turn on multifactor authentication.
- Recognize and report phishing.
- Keep software updated.
CISA notes that it’s important to keep these protective measures in mind all year — not just in October — to promote cybersecurity at home and work.
Get more of Elevator World. Sign up for our free e-newsletter.
