As buildings become smarter and more connected, the Royal Institution of Chartered Surveyors (RICS) has issued a stark warning: the commercial property sector is facing a rapidly growing threat from digital risks. In its newly released paper, Digital Risks in Buildings (June 2025), RICS highlights the urgent need for building owners, managers, and occupiers to take proactive steps to safeguard their assets from cyber threats, system failures, and data breaches.
RICS Sounds the Alarm on Digital Risks in Commercial Buildings
Tuesday, July 22nd, 2025
A Wake-Up Call for the Industry
According to the latest RICS Facilities Management Survey, 27% of respondents reported that their building had suffered a cyberattack in the past year—an 11% increase from the previous year. These attacks are no longer rare anomalies; they are becoming a routine threat to building operations, safety, and value.
The paper identifies a wide range of vulnerabilities, including:
- Outdated operating systems (e.g., Windows 7 still in use in buildings opened as recently as 2013)
- Operational technology such as building management systems, CCTV, IoT devices, and access control systems
- Data privacy risks from poorly managed personal and biometric data
- Cybersecurity threats, including ransomware, deepfakes, and phantom attacks
The Rise of Deepfake Threats
One of the most alarming examples of digital risk highlighted in the RICS report involves a deepfake fraud incident reported in May 2024. An employee at an engineering consultancy firm was tricked into transferring HK$200 million (approximately £20 million) to criminals after receiving a convincing video call. The attackers used artificial intelligence to generate realistic voices and images, impersonating senior company officers. This sophisticated deception underscores the growing threat posed by deepfake technology, which can be used to manipulate individuals into taking harmful actions. As buildings and businesses become more digitally integrated, the potential for such attacks to disrupt operations and cause financial loss is increasing, making proactive cybersecurity measures more critical than ever.1
The Cost of Inaction
Beyond the immediate operational impact, digital risks can damage a building’s reputation, reduce its market value, and lead to increased insurance premiums. As AI and interconnected systems become more prevalent, the complexity and scale of these risks are expected to grow exponentially.
RICS’ 5-Point Action Plans
To address these challenges, RICS outlines three tailored 5-point action plans for:
- Building stakeholders (owners, managers, occupiers): including risk assessments, infrastructure upgrades, staff training, and third-party risk management.
- Industry bodies: focusing on standard-setting, awareness campaigns, and valuation guidance.
- Governments: calling for regulatory clarity, cybersecurity mandates, and investment in digital skills.
These recommendations aim to embed digital risk management into the core of building operations and governance.
Take Action on Digital Risk Today
The RICS report makes it clear: digital risks in buildings are real, growing, and demand immediate attention. Whether you’re managing a single commercial property or an entire portfolio, understanding and addressing these risks is essential to protecting your assets, your tenants, and your reputation.
Modern Networks is here to help. As a trusted managed IT services provider to the UK’s commercial property sector, we understand the unique challenges you face. From secure network infrastructure and compliance support to proactive cybersecurity and smart building integration, we offer IT solutions that align with the RICS recommendations.
Contact us today to learn how we can help you assess your digital risk exposure and build a more secure, resilient future for your buildings.
Reference
- RICS Digital risks in buildings, p. 18.