FlatTurtle Blog
2 March 2026, 15:08
Smart buildings are brilliant. They save energy, improve comfort, make workplaces easier to run, and give tenants the kind of experience they now expect by default. But there is an awkward side effect of all this progress. The more connected your building becomes, the more ways there are for something to go wrong.
And in building tech, “wrong” is not limited to data loss. A compromised system can affect access control, heating, ventilation, lifts, screens in the lobby, or the network your tenants rely on to work. Suddenly cybersecurity stops being an IT topic and becomes a building operations topic, and sometimes even a safety topic.
Belgium is in the middle of a major shift, not just in PropTech adoption, but also in regulation. NIS2 is pushing cybersecurity higher up the priority list, and it is no longer something you can treat as a nice extra for later. It is becoming part of how organisations prove they are well governed, resilient, and trustworthy.
The practical takeaway for property teams is simple: if your building runs on connected systems, cybersecurity is now part of building management. That includes managed WiFi, digital signage, EV charging connectivity, and the various sensors and controllers that make modern buildings feel modern.
Most cyber discussions assume a traditional office IT setup. Laptops, email, servers, and maybe a VPN. Buildings are different. They have a mix of old and new systems, they often run for years without major changes, and they include devices that were never designed with modern security expectations.
Building management systems and operational technology protocols were built for reliability and interoperability, not for a world where everything is online. Digital signage players can be physically accessible in public areas. Guest WiFi might sit far too close to building systems if network separation is not done properly. EV chargers and parking connectivity bring new devices into spaces where mobile signal is weak and WiFi is doing a lot of heavy lifting.
None of these are unusual. They are simply the realities of PropTech in live buildings, especially in multi tenant environments where many systems need to coexist.
The good news is that building cybersecurity is not about paranoia or buying twenty new tools. It is about doing the basics well and doing them consistently.
It starts with visibility. You cannot secure what you cannot see. Knowing what devices are connected, what they do, and who manages them is the foundation. Then comes separation. A screen in the lobby should not be able to “talk” to the same parts of the network that run building controls. Tenant traffic should not mingle with operational systems. Parking connectivity should be segmented so it stays useful without becoming a shortcut into the rest of the building.
After that, it becomes about good habits: strong access control, sensible authentication, monitored remote access for vendors, patching where possible, and backups that are actually tested. When something does happen, incident response is far less chaotic if these basics are already in place.
Belgium also has a practical framework that helps structure this journey. The CyberFundamentals approach offers a clear path to maturity without forcing every organisation to act like a national utility. It gives teams a way to prioritise controls based on risk, and to show progress in a way that aligns with modern expectations.
At FlatTurtle, we spend our days in the real world of buildings. We know that property teams do not want another complex project or another vendor that only covers one slice of the puzzle. Our role is to make connected buildings feel calm and well managed, not fragile and high maintenance.
That means designing networks with proper separation, keeping systems monitored, reducing the “unknown device” problem, and treating building tech like infrastructure that should age well. It also means staying close after installation day, because security is not a one time checkbox. It is ongoing care.
In the end, the smartest buildings will not just be the ones with the most technology. They will be the ones that are trusted. In PropTech, trust is built the same way as good connectivity. Quietly, consistently, and with the right foundations in place.