Discover how facility managers can work closely with CISOs to prevent cybersecurity threats and make smarter, more secure technology choices. This episode highlights the importance of collaboration and how to ensure tech implementation aligns with both operational and security goals.
In this episode of the Connected FM podcast, host Edward Wagoner, with over 30 years of experience in real estate, chats with Erik Hart, Chief Information Security Officer (CISO) at Cushman and Wakefield. Together, they dive into the crucial role facility managers play in keeping their tech choices secure. It's not just about picking the right technology — it's about implementing it correctly to avoid cybersecurity pitfalls, like ransomware, and major financial losses.
Drawing from the real-life example of the CrowdStrike incident, Erik Hart shares valuable insights into the role of a CISO, the importance of strong vendor relationships, and how FMs can safely navigate the tech landscape. They also discuss the pressure facility managers face to adopt new technologies, and how to strike the right balance between innovation and maintaining strong security practices.
This episode is packed with practical advice on fraud awareness, risk management, and how to tap into internal IT and legal resources to stay ahead in the ever-evolving world of facility management. Whether you're a seasoned FM professional or just starting out, this conversation will help you think smarter about your tech decisions.
Resources from the episode:
Erik Hart: [00:00:00] I think one of the biggest things that I see in that FM space with technology is It's not about the choice in the technology, but it's the implementation. Those are the things I think are important is like one. Having them be advisors to you on how it's being implemented, but two, also making sure it's being architected in the right manner so that it's not implemented wrong, which then leads to other things where now, you know, can they get into a BMS system?
Can they cause ransomware on that? Now you have something that if they can't recover that could be a problem. Hundreds of thousands of dollars of cost to replace that sort of thing. So that's where I look for the engagement is if you're looking at tech and you're unsure, do you have an outlet or an avenue for the FMs
Host: Welcome to ConnectedFM, a podcast connecting you to the latest insights, tools, and resources to help you succeed in facility management. This podcast is brought to you by IFMA, the leading professional association [00:01:00] for facility managers. If you're ready to grow your network and advance in your career, go to ifma.
org to get started. Today we're excited to kick off a brand new series called intersections, where we'll dive deep into the convergence of technology and facility management. To guide us through this journey, I'm handing it over to our host Edward Wagner, who has over 30 years of experience in the real estate industry, including two decades as a technology executive.
So without further ado, let's get into it.
Edward Wagoner: Hi there. I'm Edward Wagoner. With over 30 years in the real estate industry, including two decades as a technology executive, I found myself at the intersection of the physical and digital worlds. As real estate technology continues to explode, the demand to use digital tools and managing our facilities is growing fast.
If you're anything like me, You're probably [00:02:00] navigating the same challenges. That's exactly what we'll be exploring in intersections, a new series on the connected FM podcast. In each episode, we'll chat with expert guests who share their insights and give you practical advice on how to handle the rising digital demands.
Facing facility managers. We'll explore different ideas and strategies to help you decide which initiatives to fast track. Which ones require a more cautious approach and which ones might need a full stop before proceeding. After all intersections can be risky places and the collision of physical and digital worlds is no exception.
Speaking of risk before this past July. You might not have heard of CrowdStrike, one of the leading cybersecurity platforms. That all changed when a software update caused global computer outages that affected millions. A lot of you reached out to IFMA, [00:03:00] asking what an event like that means for facility managers.
And who better to help us understand this kind of incident? Then a chief information security officer or CISO to break it all down. We connected with the inspire leadership network, a top organization for CIOs and CISOs much to our delight. They recommended Eric Hart, the CISO from Cushman and Wakefield to help us unpack what happened and what it means for facility managers.
Erik, welcome to IFMA's Connected FM podcast. And thank you so much for taking time with us.
Erik Hart: Thank you for having me. I'm glad to be here.
Edward Wagoner: , You know, before we get to our topic, I want to make sure people understand what a CISO does, a chief information security officer. So could you quickly explain a CISO's roles and what responsibilities are?
Erik Hart: Sure. So a lot of our roles and responsibilities kind of in every organization can be different. But for my role working for commercial real estate, and obviously where [00:04:00] we do facility services to is really number one, partnering with our clients, looking at, you know, what they need, what are their concerns is we're doing services for them.
We're handling things were, you know, taking care of those building systems like What are the important things to them? What are the things that we need to control? And obviously we bring in third parties. You know, we're not the ones who fix the plumbing or do those sorts of things. You know, what are they requiring of those third parties?
Making sure they're doing things in a safe and secure manner. I really enjoy it. You know, it's what you get to see with all the different clients, all the different needs, you know, of clients that have hundreds of thousands of employees to Hey, we're just managing a building and stuff like that.
And then what you know, not only our client wants, but what the people in the tenants of that building are looking for as well. So I mean, in a nutshell, yeah, okay, there's a lot of the cyber stuff and you'll talk about all the threat actors and this and that's going on. But really, I look at it is how do we perform these services for our clients in a secure manner and [00:05:00] meeting the needs of the business?
Edward Wagoner: I love the way you talked about putting the clients. First and putting the real estate out there, because I think so often we technical people can make things really technical and people don't understand it. And I think too, you know, the CISO role is relatively new compared to the C suite roles. Most people are familiar with like a CEO, COO, CFO, even a CIO, like the role that I was in for so long.
But many CISOs are being assigned greater responsibilities. I know Gartner recently said that you guys are going to see a pretty substantial increase in responsibilities of the next couple of years. And you're even reporting to the boards of directors for a lot of initiatives. So let's take it back a couple of weeks to our topic about CrowdStrike, which, you know, made headlines.
And I'm sure a lot of you and your peers spend a lot of times discussing that with CEOs and boards. Help our audience understand in the business terms, like you probably would have talked to your CEO or board. What happened that [00:06:00] day?
Erik Hart: Yeah. So it's funny that you mentioned that because with me, obviously I have a lot of inroads with CrowdStrike. I've been an early adopter. I've been a customer of CrowdStrike from two organizations for over eight years. So know all of their executives well, I've spent a lot of time with them. And, you know, it's funny that day I got woken up and, you know, I get up early.
I'm like It's 4 a.m I look at my, you know, my, my iPad and I go, why do I have 87 emails and three missed phone calls? Some coming at 2, 3 in the morning from people in the UK. And I'm like, huh? Like what's going on? There's not a usual day, you know, yes. Okay. You get volumes of emails. I'm like, okay. I'm like, then I go right to one of my peers who he's in the UK.
I got like four messages from him. And I'm like, my message to him was. You know, he's like this that you need to get up. I'm like the world better be coming to an end. And he goes, it is CrowdStrikes taking out the world. And I think I jokingly said, can I at least put on some pants, you know, and he's like, be quick about it.
So we talked about it. We did those sorts of things at 7 a. m. My time. So, okay. 4 a. m. [00:07:00] I'm like finding out, okay, the world is, you know, everybody thinks the world's coming to an end. They don't know what it is. Is it a cyber threat? This is the big, you know, this is a big one. You know, at first what I was getting, this is a big cyber, they've been breached, all these things.
Okay, hold on, no. Then it starts to settle down. Like, okay, something's going on with them. It's not a cyber breach. We talk about it. We talk through things. You know, I have obviously an intimate knowledge of how CrowdStrike works just being a long time partner of theirs. And, you know, we kind of went through, and the overly simplistic thing that happened was like, It was a bad antivirus update.
That's what I said. And actually, at 7am, my time, I was on with, My boss, the CDIO, my peer who runs all the services stuff and with pretty much every executive, every CE we have and every business leader at 7 a. m. and they're like, okay, what's going on? It's like, it's not a breach. It's not any of these other things like that.
I go, it's basically a bad antivirus update. It's been stopped, contained. Here's where our impact is. Here's where we're [00:08:00] focusing on. It's just a good old fashioned IT outage and we're going to work through the problem. Yes. the problem, the steps to remediate it are pretty manual. Go into a computer, do this, delete file, reboot computer gets happy again sort of thing.
But it's like, look, it was a, yep, all hands on deck. Our IT our help desk, our site services people, our infrastructure people was like, here's the fix. Now we know what systems are, go out and do these things, and then we just started prioritizing things. Go after this first, get this running. Okay, when you got that, then we'll move on to these things and that things, and it really just became that.
You know, it was interesting because the other thing for us in the facility services sides is, look, it's one thing about the infrastructure we run. It's the other thing where, okay, a lot of what we do for our clients is actually third party providers. Again, I'll go back to that plumbing thing. We don't fix the plumbing, we bring somebody in.
Okay, well, who is and isn't functioning in that space? So we saw a few providers have some issues for a period [00:09:00] of time. It was like, great, how do we go about those business continuity efforts? How do we keep things running? You know, at the end of the day for us, yes, it wasn't a fun weekend for me. You know, from Friday morning till about, you know, Tuesday afternoon, when everything were pretty much returned to normal, we knew what the problem was and focused on it and really One of the key things for us was the continuity sorts of things.
What are the things? Okay, this is down How do you continue to service client when you don't have this? What are the pivots? What do you do manually? What are things you're just going to write down and you're going to go back and put in that system later You know when it comes back up hopefully in a day that was I think important where like again, i'll go back my plumbing analogy is You Like, I don't have just one plumber that comes to my house.
I have my regular guy who I can schedule, and then I've got an emergency one when I have that oh, you know, oh darn moment, and I need somebody like in the next hour. And that was the sort of thing. Having that continuity in those services and what you can do is important, which sometimes is, it's a piece of paper, pen, and a phone, that you can [00:10:00] continue to do a lot of the things you need to do.
Edward Wagoner: There's so much goodness in everything you just said. And I want to peel back the layers on some of that as we talk the rest of the episode. But, you know, one of the things I think a lot of people hear, you know, CrowdStrike and what happened that day. And they think that it's just something that we, IT people will deal with because, you know, let's face it.
A lot of the headlines are when a bad actor does something or tries to steal something. But as you just described, you know, I think there's some real examples from. You know, the physical building aspect that people need to realize, , it's a normal, hack that we talk about. It's like someone breaking into a building or someone piggybacking in to steal from a tenant.
You know, it's a, it's someone we don't know a bad situation. And this one, the way you describe it, I think I'm going to use an example here that I think will resonate with our facility managers. It's like a trusted and approved vendor that has successfully worked for our building for years and has [00:11:00]authorization to be in there, walks into the mechanical room to perform routine maintenance that they've successfully performed many times.
And they just make a human mistake and cripple the entire building. Is that an example of kind of what happened that, that would resonate with our facility managers?
Erik Hart: Yeah, I mean, it's no different again, you know, I come back to the, you've had that electrician come in and they make an oops. And now all of a sudden, you know, now the panel is, you know, toast and like, okay, now you have to work to prove it. You know what it is. You know what the part is.
You gotta go get it. You gotta do it. You gotta spend the time to go fix it, but no different than that. And you're right. I mean, you look at it. It's interesting. I mean, in the technology world, Like the trusted bread. We people use Microsoft and other things like that. You know for many years in the IT space We've always done the you know, we don't just roll out a Microsoft patch the day it comes out You know you do a little bit of testing you do little things like that same thing facility providers Look, they're gonna make mistakes, but it's like okay how fast Can they help?
And I think the other [00:12:00] key thing, look, when they made the mistake, they showed up to support their clients. I mean, I heard from some of their executives. I heard from other people. I heard from my client, you know, my client executive messaging me. They're like, what do you need from us? And I was like, Well I have everything, not only from, one, from what I was getting from them, but also my peers.
Other people who sit on advisory boards with me with CrowdStrike. Other things like that, intelligence and other things that were coming in from other people. It was really a bunch of people like coming together and it's like, okay, You know, here's the fix. And I actually told him, I said at the time, nope, don't need anything.
But then when I said, yeah, okay, I need to validate something we did. And I need one of your engineers to tell me, is this right or wrong? Like, I'm like, I know it's wrong, but I'm like, I want to know what the fix is. I think I know what it is, but you need to validate my thought pattern. Within 30 minutes, they had somebody on the phone with me.
I said, we did this. I think we have to go do that. Am I right? They're like, yeah, you're right. I said, there's no other way around this. No, there's no other way around. Okay. Like, you know, that's the sort of thing. I think with any of these things, when you [00:13:00] have that trusted provider, it's how they show up, how they show up to help and fix the oops.
That's what they did. Is I look across the industry. No, yes, we all saw the press. We all saw the things, you know, Delta Airlines down for days. Yes, United and American. They both run CrowdStrike to did they have issues that day? Yes, they did. Did they have issues for a week? No, but CrowdStrike again showed up for them and support.
And I think in anything you've got to look at it is how do you have the right partners that When people make mistakes, humans make mistakes, do they show up to help fix the problem?
Edward Wagoner: love that. And it actually leads into a bit into the next question. And I think too, you're a little unique because you're a CISO, but you also are in the real estate industry. So you understand some of the. Building technologies in a way that, you know, a CISO for an insurance company or a bank may not necessarily know or understand.
So, with that as background, how would you advise a facility manager to [00:14:00] engage their CISO when they're considering. A new building or real estate technology, because you're probably in a situation where the CISO knows nothing about that company, doesn't have the relationships, doesn't have the background that you had with CrowdStrike.
So what can an FM do? You know, if they're coming to you or your peer in another organization to help you help them in making those technology decisions.
Ad: Job searching doesn't have to be time consuming. With the right resources, you can save time and increase your exposure among leading employers eager to hire. IFMA's JobNet allows employers to search for potential candidates. and view their resumes while protecting the job seeker's privacy. Your contact information will only be provided to those you allow, eliminating the chance of receiving unsolicited emails and phone calls.
Find your future career on jobnet. ifma. [00:15:00] org
Erik Hart: I think one of the biggest things that I see in that FM space with technology is It's not about the choice in the technology, but it's the implementation. I'll give you an example. So a few years ago Like we have obviously things that I use the term my when I go to my board. I'm like, yeah, there's things that monitor the internet.
You know, it's searching for things doing stuff like that. All of a sudden we get this alert. Hey, you have this system potentially exposed on the internet and anybody in the world can access it and blah, blah, blah. And we look at it and go, you know, okay, there's a remote ability from anybody anywhere to access this thing.
Now we start to track down via information on the internet where we think it is. Then I'm like, okay, My team do we have any buildings any things we manage in this area region? Oh, well, we have this Okay, I went to that facility manager. I'm like hi I'm, like have you done anything new or implemented anything new like technology wise lately because I actually thought about it as i'm like if I go in saying You [00:16:00] know Did you just set up this with rdp and this and that and I throw which?
Technology people you were one of them But we love to throw out three letter acronyms out there all the time And i'm like if I go to them speaking a different language You It's gonna be like no, like they're not gonna understand it. So I needed to get this down to that level It's like so I started with did you just have somebody new come in and do something because I know it's not you implementing this Oh, yeah.
Well, we had this third party come in and they implemented this new camera system and I said Okay, I'm like did they set up like a level of remote access for you or something like that? They're like, oh no, but they still need to work on it. So they said they were doing something and person didn't understand it That's not their space And they were going to leave it they need it for a little while, but eventually they'll close it down and i'm like, okay I'm, I said well We need to call that provider back and say they've done this in a very unsecure manner And i'm like we either need to shut the thing off or they need to like You Fix it right now and not have it where somebody from China could access this camera system [00:17:00] and start trying to hack away at it.
I think with anything, where I look for the engagement is, if they're going to do something, do you have the right providers implementing it in the secure ways? Now, I'm not saying people in any of these providers we bring in are being malicious. It's just You don't know what you don't know. And there's so many times with the speed of computing and everything moving so fast now, the things that Microsoft and the Amazons that can do where I, you know, if I look back 10, 15 years ago in technology career, if I wanted to stand up a new system from thought and concept to implementation, You know, and putting in new servers was 68 months.
Now you can do it with a credit card in an hour. And I'm like, like, so you look at obviously that speed of 68 months down to one hour. Those are the things I think are important is like one. Having them be advisors to you on how it's being implemented, but two, also making sure it's being architected in the right manner so that it's not implemented wrong, which then leads to other things where now, [00:18:00] you know, can they get into a BMS system?
Can they cause ransomware on that? Now you have something that if they can't recover that could be a problem. Hundreds of thousands of dollars of cost to replace that sort of thing. So that's where I look for the engagement is if you're looking at tech and you're unsure, do you have an outlet or an avenue for the FMS or just go to them with the question?
There will be people there who can have a 30 minute conversation and figure it out, which may save you countless hours and hundreds of thousands of dollars of cost that may come to, you know, you or your client ultimately.
Edward Wagoner: You talk about how fast we can implement technologies now. And it reminds me, you know, our facility managers are getting such tremendous pressure to leverage technology to put in , utilization systems to, to make sure that they've got their buildings, leveraging technology as much as possible.
It's that push to do more, do it faster. And I think quite often they think of. People in roles like you and I have as being the, you know, Dr. No, or trying to stop them. And all we're trying to do [00:19:00] is help them be smart and safe about what they're doing. So they don't create something that causes. A lot of extra work.
So it's about getting that balance right between the demand for technology and data, but also the demand that we have a strong, you know, information security environment which leads me to, you know, a lot of your discussion is around the relationships with the vendors and the partners and making sure we're asking the right questions.
And they've got that implementation history. Let's talk a little bit about the difference between. Using a third party technology provider like IDBMS or IOT systems that a lot of our facility managers are, you know, getting involved with and using, and then the service providers like janitorial, HVAC, you know, even cafeteria providers that I don't think we often think of them as technology.
Providing, but they have technology that helps them provide the services to our buildings and they can actually create problems with the buildings or problems for the occupants. So [00:20:00] between those two, would you give different advice or would you give FMS some things to look for when they're dealing with those different third parties that are coming into their buildings to provide services, leveraging technology?
Erik Hart: I mean, yeah I look at obviously the ones that are implementing the technology, like they're putting in that new camera system or being met. Do they have the right processes in play? Are they, are you doing it in a way where? You know, we segmented or they're talking about that. Look, this thing's isolated from other stuff.
So something happens with it, you know, and I always use it the, you know, if I look at the larger in the world or ecosystem, we have little pockets of things. Look, if one bubble bursts, okay, it's one bubble, but it's isolated, contained within that versus, you know, you have it. If everything's all together now, if that gets caught up.
You know, compromise or as an issue. Now you now that leads into other things. So now you're not just you're not working one problem. You're working to three or four. And now it's like, well, how do you work those down versus if you can isolate the problem as far as the third parties providing the [00:21:00] services?
You're absolutely right. I mean, there's so many. Issues in these third parties nowadays not necessarily always their fault, but where you see, you know issues happen Especially ones that are taking payment things so if you're putting in like you mentioned cafeteria services vending machines that people may be using a gym that's taking a Monthly charge for somebody to use it.
Like how are those right things? I mean I what just last week I was one of the many who got the chance health care letter that says hey, by the way, we lost your information I don't think probably Any of us had heard of that company until it made the news and until all the other things and stuff like that and what it was part of that I didn't even know, but they were actually just one in the stream of providers and things in the health care.
And I'm like, you know, I got the letter sitting here on my desk at a, you know, Bob about your credit monitoring. I think you've got to look at those and just make sure again. Do you have the right contractual things in place? Look, Things are going to happen. Sometimes are the company's fault where they make make a mistake, a configuration issue.
Sometimes it's [00:22:00] just, look, I've seen good things happen to bad people. And it just you know, an employee, something happens. Like, do you have the things in the contract in place that says, hey, look, if something bad happens you don't have to pay for it. know about it, and they notify you and they do those other things.
Yeah, you can do third party risk assessments. You can do all the other things. But we saw what? Equifax many years ago, they get breached. They had, you know, they had this certification and that certification, all these other things. But yet a bad configuration on the system led to one of, you know, well, at the time was one of the largest data breaches now, and every year it's almost like the hold my beer moment with the next one that keeps coming up.
I think it's those like making sure that, look, it's the one thing to, you want to find out about these things and be able to manage your clients ahead of it, not when somebody's coming in and saying, I just saw an alert from my news app and things like that says, blah, blah, blah, which that machine has that name on it, had this breach and all this stuff, or your clients are finding out when they're getting some letter, you know, [00:23:00] You know, downstream and they're like, where, why did this come in?
Those I think are important. When you talk about relationship management, you want to be ahead of the incident, not trailing behind, especially when it's the third parties. And I think those are the important things to think about. You have the right notification, right people. And then for you is okay.
If that comes in, you got that third party and they delivered you that piece of paper that says, Hey, we've just had it. What are the resources internally? What's that incident response that you have? Who are you turning to in your company? Obviously everybody will say, yes, there's legal, you know, the legal people and stuff like that.
That's not the only component of it. You know communications, how are you communicating to your clients any other follow ups that you know? You're contractually obligated to making sure you have that kind of that call list to really go through or others to notify that are gonna be there to help you handle it in the right way so that basically you take an incident and it really becomes a non event.
Edward Wagoner: I love all of that. I love, you know, you mentioned the [00:24:00] contracting, I think, you know, people often don't want to talk to the IT people and they don't want to talk to the lawyers, but we can be your best friends in these situations with helping you mitigate potential risk mitigate, you know, issues that could come up down the road.
I also, as you were talking, I thought about, you know, in our buildings, we do fire drills. All the time, just in case there's a fire. We don't want there to be, but we plan, what would we do if we had that? And I think the examples you just gave. We should do fire drills. What if we lost our BMF system?
What if the elevators completely went out because they were hacked? What if whatever technology we're using in that building lost? How would we operate the building? Could we operate the building? Who would we need to have involved from communications to legal? I think that's great advice. Desktop exercises were always a very fun part of the job because you got into some pretend situations.
But what I've found. Like you [00:25:00] said, over the years they've become those hold my beer moments where something that we practiced actually a couple of years down the road would become a reality for us. Let's get down to just, you know, facility managers have so much coming at them return to the office the way people are wanting to work differently from the way they have before, better utilization practices, sustainability.
Now we're throwing information security at them. How would you advise someone who didn't choose to go into the technology world like you and I did, but now they're having to deal with it every day and have some type of awareness. How would you advise facility managers to keep up with what they need to keep up with to do their jobs?
Are there any resources that you use at Cushman and Wakefield or that you would recommend to facility managers just to stay up with what they need to stay up with?
Erik Hart: So I would think one of the big things for me, there's obviously so much information that word is, you know, that's out there and some of it is Real some of it is just like any media things. [00:26:00] There's fodder in some of it as I've seen You know, obviously the aftermath the crowd strike and you know this that whatever what the impact is going to be I always say, you know Look, one of the things that we try to like like our awareness training We try to put those things those general things out to the facility managers.
We try to do more things I think one of the biggest things for us that we actually do on a more regular basis now and what we're actually seeing is that Is like trying to make them aware of the various fraud things. So for me, number one is like, how do you get educated on fraud and payment? And, you know, two, I always say, just because you got the email and it says it's from whoever, you know, really double check it to me, I would say, you know, I always say, you know, talk to your internal teams.
Like what do you have there? What are those resources? Yeah. There's stuff on the website. Yeah. There's, you know, good stuff that, you know, I use like chief security officer magazine, but there's a lot of tech stuff in there, you know, that they focus on. It's like, how do you talk to your teams about and look at You know, your internal team [00:27:00] researching about what are those base things.
To me, one of the biggest things I've been actually trying to educate our facility managers on is actually nothing tech related. It's been it has a tech spin on it, but it's been about where we've actually seen a increase in our clients getting the lower tech ones getting compromised by a threat actor.
They get in their email. They wait for us to send. Hey, You know, you need to send a payment, you know, stuff or, you know, you know, payment here and then that whole correspondence back. Oh, well, we need to actually change the bank and change this or that. I'm like, those are the one of the biggest impacting things where now somebody's payment goes somewhere else.
Now. Yes, we have process in place that just because you send an email says now send this payment over here. We're not going to necessarily trust that in email. You got to go validate that. You got to go call that. I look at that like, what are those key things that are going on? Where are you the biggest target of?
So number one, having third parties. There's even with some of our facility [00:28:00] managers, we they're engaging with local IT firms and stuff like that, that support them, that do those education sorts of things as well. It's hard, you know, the internet for me, the source I go to, There isn't super great ones that are out there that I think focus on this.
And that's something I would love to see more is like, what are those key high level things? No different than I just got something from our insurance providers and says, these are the 12 controls that we look at in cyber insurance that you know, that you're doing something in, in order for us to think that you have a sound program, you know, what are those things?
And again, I say, you know, Go to your internal companies. You know, obviously the big firms that, you know, like Cushman and the other ones that are comparable all have those people and say, okay, what are you doing? Like, what things do you want us to be looking at or what things you want us to be coming to you for and asking those questions and putting in requests.
And we've set up teams like that in order to take in requests like that from our clients, from other things like that. And so we can help answer those in a uniform manner.[00:29:00]
Edward Wagoner: I love that. And so much of what you've talked about is about awareness and training. But we're coming to the end of our time, Eric, I wanted to, you know, I mentioned at the top of the episode, how ecstatic we were and also very proud being in the industry when the leading organization for CIOs and CISOs recommended you someone from our very industry to discuss this topic.
I think that's really cool that you're recognized as an expert and that we've got that in our industry. So it's something we should be proud of. Really appreciate you taking time to share your expertise, but Also for the work you and your team do quite often behind the scenes to help protect facility managers, clients, occupants, and the buildings that all of us use that are surrounding us everywhere we are.
So Eric, thank you so much for taking time.
Erik Hart: Thank you very much. And it is a pleasure doing this today.
Edward Wagoner: Cyber incidents are not always the result of bad actors. Sometimes a trusted employee or partner while doing something [00:30:00] they've done many times before can make a mistake that cripple systems and business operations. Cyber threats also extend far beyond your facility.
Anyone, anywhere can trigger an incident that impacts your business. If you're in Facilities Management and find the cybersecurity topic challenging, you're not alone. IFMA offers a training course, a Facility Professionals Guide to Understanding Cybersecurity, and a white paper, The Convergence, Managing Digital Risk, and Facility Management's Role in Protecting Digitized Buildings.
You can find links to both, along with tips on collaborating with your CISO and tech partners in the show notes. A special thanks again to Erik Hart from Cushman and Wakefield. And to the Inspire Leadership Network for helping make this conversation happen. Let us know your thoughts on this episode, as well as topics you'd like to see covered or guests you'd [00:31:00] like to hear from in future episodes.
You can DM me on LinkedIn or email me at eddy.wagoner@ifma.Org. I look forward to seeing you again here at the intersection of our digital and physical world.
Host: Thanks for tuning into the Connected FM podcast. If you enjoyed today's episode, please take a moment to rate and review the show because it really helps us reach more listeners just like you. And don't forget to hit the subscribe button so you never miss an episode. See you next time.