Key points are not available for this paper at this time.
Facilities Management (FM) is undergoing a rapid transformation driven by the adoption of IoT devices, building management systems, and building information models. This disruptive shift introduces significant cybersecurity threats, posing risks to safety, data privacy, and operational continuity. This paper investigates which specific configurations of organizational, technological, and human factors lead to cybersecurity breaches within FM environments. Moreover, there is a notable gap within the FM literature in terms of comprehensive understanding and strategic readiness regarding cybersecurity threats. To address this gap, this paper presents findings from an extensive survey involving 114 FM professionals who experienced cybersecurity breaches. A Fuzzy-set Qualitative Comparative Analysis (fsQCA) was utilized to identify ten distinct pathways and combinations of organizational, technological, and human factors that commonly lead to cybersecurity incidents. The analysis revealed ten distinct configurations where limited internal preparedness, financial constraints, and insufficient awareness converge to create sufficient conditions for a breach. These findings provide FM practitioners and security officers with a diagnostic taxonomy of
Pärn et al. (Wed,) studied this question.