Protecting a facility's BMS from digital threats requires a layered strategy. Essential best guidelines include periodically patching software to resolve vulnerabilities. Implementing strong password policies, including two-factor confirmation, is extremely important. Furthermore, separating the control network from corporate networks significantly