In conversations with five leading experts in the security space, this Deep Dive explores the challenges, solutions, and strategies for strengthening cybersecurity efforts, mitigating risks, and helping property managers safeguard their real estate assets. With cyber threats on the rise and advancements in technology, companies across all sectors are placing increasing emphasis on strengthening their cybersecurity efforts. For many organizations, including those in commercial real estate, cybersecurity is becoming the top priority, often taking precedence over physical security measures.

According to Allied Universal’s 2023 World Security Report, nine in ten chief security officers (CSOs) from large companies in 30 countries reported greater concern over cyber than physical security. This highlights the critical importance of cyber defenses in today’s increasingly digital world.

In interviews with five industry leaders, these experts provide actionable insights into how businesses can fortify their cybersecurity protocols, mitigate vulnerabilities, and prepare for emerging threats in the digital landscape. Their perspectives emphasize how organizations can safeguard their assets and ensure resilient, secure environments for the future.

This Deep Dive is divided into three key sections:

The Cybersecurity Landscape: Tackling Modern Challenges

AI-Driven Security Solutions: The Future of Safe, Smart Buildings

Building Resilience: The Role of Data, Certification, and Cybersecurity in Property Value

In conversations with five leading experts in the security space, this Deep Dive explores the challenges, solutions, and strategies for strengthening cybersecurity efforts, mitigating risks, and helping property managers safeguard their real estate assets.

The Cybersecurity Landscape: Tackling Modern Challenges

As technology advances, so do the challenges associated with it. Cybersecurity, in particular, has been rapidly growing and shows no signs of slowing down. According to the Fortune Business Insights report, Cybersecurity Market Analysis – 2032, the global cybersecurity market is projected to grow from $193.73 billion in 2024 to $562.72 billion by 2032, with a compound annual growth rate (CAGR) of 14.3%. With this exponential growth, industry experts have identified the key challenges that must be addressed:

1. Design and Security Challenges

According to Paula Balmori Beltran, Global Director of Security Design and Integration at Brivo and Board President of the Secure Building Council, “security in buildings is much more than just preventing unauthorized access or protecting against threats. It directly impacts the overall experience, operations, and efficiency of spaces. When we think of security in architecture, it’s about more than just setting up locks and cameras—it’s about designing spaces that improve how people interact with the environment, optimize operations, and enhance the safety and functionality of the building. For example, understanding how employees move through a building or how people use common spaces can lead to smarter design choices, like reducing costs on amenities that aren't used or reconfiguring layouts for better flow.” Building design plays a key role in physical security, and integrating technologies like access control, cameras, and turnstiles takes this further. Research in the Journal of Facilities Management shows that combining these systems improves both security and efficiency by centralizing data and enabling faster responses. For instance, linking access control with video surveillance allows for quicker emergency action. Fastlane Turnstiles highlights that modern turnstiles with biometrics add extra security while blending into the building’s design.

2. Cybersecurity Breaches

Rachelle Loyear, Vice President of Integrated Security Solutions at Allied Universal, noted, “If we look at what people said in our World Security Report, and reflect on the key topics of most of this year's industry events, we continue to see cybersecurity breaches as a major concern across all sectors. Ransomware, phishing, and malware attacks remain a major source of trouble, with criminals exploiting weaknesses in both cloud and physical infrastructure and using increasingly sophisticated tactics, such as using AI for targeted attacks.” These attacks have only increased, as evidenced by a Check Point report, which found a 30% increase in Q2 2024 global cyber attacks. Their report finds that, “these cyber attack numbers were driven by a variety of reasons, ranging from the continued increase in digital transformation and the growing sophistication of cybercriminals using advanced techniques like AI and machine learning.”

3. Network-Based Attacks

Derek Ommert, Director of Business Development at ASSA ABLOY Opening Solutions, explains, “One of the challenges we’re facing today is that cyber threats are becoming more sophisticated. In the past, security focused primarily on guards, gates, and locks. Now, however, attackers are more likely to exploit network vulnerabilities—whether that’s through HVAC systems, surveillance cameras, or other networked endpoints. If there's a single weak point in the system—like an unpatched password or outdated software—hackers will find it.” When analyzing targets for the biggest cyber-attacks, HVAC systems are often overlooked, a Cyber Insight article describes. For background, HVAC systems that are attacked are integrated with Internet of Things (IoT) devices, which “help operators monitor the environment and adjust HVAC settings accordingly, ensuring comfortable temperatures and proper ventilation.” Despite these benefits, the systems are vulnerable as they are often poorly secured, as Cyber Insight’s research details, leading many organizations to taking steps to invest in proper cybersecurity measures.

4. Integration

Joshua Rousseau, CEO of Amherst Intelligent Security, observes, “The biggest challenge in the industry isn’t just the technology—it’s the cybersecurity around it. Many security companies focus too much on physical security, thinking putting cameras everywhere will solve the problem. But cameras alone don’t stop crimes. The real challenge is building systems that integrate physical security with the data and cybersecurity infrastructure to ensure that the information is both accessible and secure.” Rousseau makes a valid point here – as many articles point out that security cameras, while functioning can deter crime, are not useful when implemented incorrectly. For example, in a Security.org article, which weighed the pros and cons of security cameras, their main consensus was that “while functioning security cameras have been proven to deter crime, that’s only the case when they function correctly.”

5. Self-Management

Justin Stearns, VP, Chimera Integrations, explains, “from a security perspective, one of the biggest mistakes I see is when organizations try to self-manage cybersecurity, much like you wouldn’t install your own fire alarm system. If you don’t have a dedicated team, hiring a managed security services provider (MSSP) is a must. It's an investment in ensuring you're not exposed to the risks of a breach. It’s also crucial to back up your data properly, keep those backups separate, and constantly test your systems—this is critical for preventing ransomware attacks.” A managed security services provider (MSSP), as Stearns mentioned, is meant to offer a wide range of services “for specific areas such as compliance, cloud security, and identity and access management,” as described by Cyber Security News. Their article outlines the benefits of their services to organizations and how they prevent security threats.

With design and security challenges, cybersecurity breaches, network-based attacks, and integration and self-management risks on the rise, organizations must adopt a more comprehensive and proactive approach to securing both physical and digital assets. These key areas are essential to address as the cybersecurity market is expected to reach $10.5 trillion annually by 2025, according to a report by Cybercrime Magazine. Below are the solutions or trends that our industry experts believe we’ll continue to see:

1. Cloud-Based Access Control

One solution that property managers can consider when tackling these multifaceted cybersecurity challenges is to embrace cloud-based, integrated security systems that enhance both efficiency and protection. Paula Balmori Beltran explains that "security, and specifically smart security technology, is influencing building operations" not only to protect people but also to make buildings more efficient and increase property value. She highlights that "cloud-based access control is revolutionizing security systems" by offering flexibility, cost savings, and ease of maintenance, making it an ideal choice for modern properties. This cloud capability allows for real-time updates and seamless integration with other building systems, functioning much like secure app updates on a smartphone. In addition to these features, cloud-based control is meant to create a “single pane of glass” approach (Stearns later describes this as well), which refers to a “unified, centralized view of all security and building systems, simplifying management and enhancing the security posture.”

On that same note of cloud-based control, Rachelle Loyear also points to the cloud, with her suggestion for cloud-based Security Operations Centers (SOCs), as essential for managing security across multiple sites. A security operations center (SOC), for those unfamiliar, is a “facility that houses an information security team responsible for monitoring and analyzing an organization’s security posture on an ongoing basis,” as reported by Digital Guardian. "These allow property owners and security teams to manage security remotely," Loyear explains, ensuring timely responses to incidents regardless of location. As organizations grow and face evolving threats, "cloud-based SOCs offer scalability and flexibility" that support quick adaptations. Pairing these centers with mobile apps, which deliver real-time alerts and provide remote access to security systems, further empowers property managers to monitor their buildings from anywhere, enhancing both security and peace of mind.

2. Frictionless Access Experiences

Derek Ommert sees a pressing need for improved key management in integrated systems. In property management, traditional keys "are difficult to track and can easily be lost or duplicated," which introduces security risks. Ommert notes that "electronic credentials—whether physical or mobile—offer a more secure and flexible solution" for managing access. With growing interest in touchless technology, buildings are also beginning to implement frictionless access experiences, where "technology anticipates user actions—like automatic door openings or credential-based access—without physical interaction." There are growing expectations for frictionless access in workplaces, an IFSEC Insider report finds. In fact, research from Brivo highlighted that this is due in part to more Millennial and Gen Z individuals joining the workforce. In fact, Brivo’s report determined that upwards of “84% of security professionals think user experience is either extremely important or very important to access control.” These findings no doubt will contribute to more frictionless access control experiences in the future.

3. Evolved Training for New Systems and Integrations

Joshua Rousseau brings attention to another key consideration for property managers: understanding the complexity of security systems. Coming from a property management background, he observes that "no one really explains how security systems work," and they often fail to meet expectations in emergencies. Rousseau discussed how Amherst Intelligent Security’s fully cloud-based solution bypasses local storage, allowing video data to be uploaded directly to the cloud. This change facilitates real-time analysis and instant alerts, ensuring that property managers can retrieve information more quickly and efficiently. Despite many advancements in the era of cloud storage, a report by Haptic Networks doesn’t think that traditional data storage methods will be irrelevant just yet. As they described, “The journey of data storage is one of continuous adaptation, where understanding the foundations of traditional methods enriches our capacity to navigate the future.” Justin Stearns stresses the importance of converging physical and cybersecurity. He shares an example of a hospital where the facilities management team controlled physical security while IT managed digital credentials, creating a significant risk due to the lack of communication. On the cyber-attack side, the American Health Association determined that healthcare organizations are vulnerable to cyberattacks because they possess so much information like Social Security numbers and intellectual property related to medical research. These incidents are leading many healthcare security groups scrambling to provide the best technology, cyber security protections and on call assistance. To address this particular issue, Stearns’ company, Chimera, developed a platform that allows property managers to monitor both physical and cyber security through a "single pane of glass," simplifying oversight and improving response times. Stearns emphasizes that unifying these systems is critical to closing security gaps and responding effectively to incidents. By implementing these advanced solutions—cloud-based access controls, frictionless access experiences and evolved training for new systems and integrations—property managers can proactively address the growing challenges of cybersecurity, ensuring their buildings are resilient against current and future threats.

AI-Driven Security Solutions: The Future of Safe, Smart Buildings

The integration of Artificial Intelligence (AI) into building security systems is reshaping the landscape of both physical and cybersecurity. AI offers new opportunities to enhance threat detection, operational efficiency, and overall security strategy. As AI technologies advance, they are becoming a key component in the development of smarter, safer buildings.

AI in Cybersecurity

AI is playing a pivotal role in transforming the cybersecurity landscape, creating both new opportunities and challenges. According to McKinsey & Company’s article, The Cybersecurity Provider’s Next Opportunity: Making AI Safer, the rapid advancement of AI, particularly generative AI, is significantly altering the way cybersecurity is approached. McKinsey highlights that “the rapid advancement of AI and generative AI is fundamentally transforming the cybersecurity landscape, presenting both opportunities and challenges for cybersecurity providers. As more organizations use AI to enhance their operations, they risk inadvertently introducing new cyber-related threats.” A key concern is the growing cost of cybercrime. McKinsey notes that, “in 2023, the total cost of cybercrime had more than doubled since 2015,” underlining the urgency for businesses to strengthen their defenses. While organizations have improved their response times to cyber threats, it still takes an average of 73 days to contain a breach, a figure that demonstrates the ongoing challenges in securing digital environments. AI is revolutionizing threat detection, enabling faster and more accurate identification of potential security breaches. As noted by Statista, the value of the AI cybersecurity market worldwide from 2023 to 2030 shows that AI-powered cybersecurity solutions are expected to enhance "threat detection and vulnerability management," while also accelerating incident response. AI tools, such as those powered by generative AI like ChatGPT, can sift through vast amounts of data to spot unusual behavior and detect malicious activity. However, the dual nature of AI also presents risks. Statista warns that, “generative AI can also be advantageous for hostile actors,” potentially creating more sophisticated cyber threats such as phishing and malware. Despite these concerns, AI's ability to identify threats in real-time is invaluable as the need for more robust defenses grows. The AI cybersecurity market, valued at $24.3 billion in 2023, is projected to reach $134 billion by 2030, reflecting its increasing adoption. As AI becomes a cornerstone of modern security systems, platforms like IBM WatsonX are setting the standard for AI security. According to IBM, Strengthen Your AI Data Privacy and Security with WatsonX on IBM Cloud, their platform provides comprehensive security measures across all aspects of IT: "IBM WatsonX on IBM Cloud has multi-level security for every aspect of your IT: datacenter, infrastructure, network, cloud, storage, data at rest and transit, and AI models." This ensures that AI models and sensitive data are well-protected, addressing the growing need for robust AI security measures.

Cloud Solutions in Modern Building Security

Paula Balmori Beltran highlights the advantages of cloud-based security systems, addressing a common misconception: “One misconception people often have is that cloud-based systems are less secure than on-premise solutions. However, the reality is that cloud systems are often more secure due to rigorous cybersecurity protocols and regulations. At companies like Brivo, cybersecurity has been prioritized from the start, ensuring that any data related to building access and security is well-protected.” This point touches on an ongoing debate in the security industry, where opinions are often divided on the benefits of cloud systems versus on-site solutions. For instance, an article by Cloudwards noted that 55% of experts believe managing security on the cloud is more complex than on-premises. “However, despite their concern, only 24% of respondents said they had experienced a public cloud-related security incident in the past year.” Regardless of whether a property manager opts for a cloud or on-premises solution, it is crucial that they implement a regular maintenance routine and establish precautions to ensure robust security. Derek Ommert also observes a growing trend toward cloud-based security systems, noting, “A key trend I’m seeing is the shift toward cloud-based security systems. Cloud solutions offer benefits like redundancy, real-time updates, and reduced upfront investment in equipment. However, industries like energy and biomedical sectors remain hesitant to adopt cloud solutions, as they prefer to maintain full control over their data. That said, cloud is definitely gaining traction across the industry, particularly for enterprise-level systems and managed cloud services.” Ommert further discusses the increasing use of biometrics, such as facial recognition, for building access, saying, “Facial authentication technology is becoming increasingly common in executive suites, where it’s used to facilitate easy access to certain areas like fitness centers. The key is finding the right balance between user convenience and security.” Research from Keyless supports the growing preference for biometrics, revealing that 86% of respondents in a poll favored facial authentication over traditional passwords, largely due to its effectiveness. In fact, the study found that “over 131 million Americans use it every day to access their favorite apps, online accounts or devices.”