Cybersecurity in the Construction Industry:
10 Questions

Connectivity is delivering big benefits to the construction industry—higher productivity, lower costs, a safer work environment. But as companies like yours grow more dependent on internet-connected technologies, data security becomes more critical than ever. It’s unusual to hear about a data breach in the construction world, yet the risks are there and need to be managed. Although this topic is best addressed with IT professionals, here are a few questions to get you thinking.

Am I Really A Target?

Any business connected to the internet is at risk of a cyberattack. And it’s not just large companies. A report from Verizon says small businesses represent 85 percent of the targets of opportunity for data breaches.1

Target?
Target?
Hackers—Coming After Me?
You’re Kidding, Right?

Cyber criminals are everywhere, but studies say the most common cause of a data breach isn’t hacking. It’s lost or stolen portable devices such as phones, laptops, tablets and flash drives.2

Cyberattack
Cyberattack
Which Systems are Vulnerable?

All of them. Unauthorized users could exploit any of your data, whether it comes from a Building Information Modeling (BIM) system, telematic solution, project management software, CRM tool, or corporate financial or HR system. Your clients’ data—as well as your subcontractor’—may also be at risk if you share network access.

Cyberattack
Cyberattack
What kinds of data are most Valuable?

Some intruders want site plans, drawings, contract terms or bid information. Others could be after fleet data, customer records, financial statements or banking info. Identity thieves would love to get their hands on personal information about your employees—full names, social security numbers, bank account data, medical history. And some folks just want money. Using what’s called a ransom-ware virus, they capture your data and hold it hostage—effeciently locking you out of your systems until a ransom is paid.

Cyberattack
Cyberattack
What will a data breach cost me?

The average cost of a date breach is $4 million according to a 2016 report from the Ponemon Institute, an independent research firm that studies information security. The average cost per lost or stolen card is $158.3

 

What’s Included in Those Costs?

The costs associated with a data breach vary according to th situation, but you can expect to spend money on things like:
• Internal investigation of th4e breach.
• IT experts hired to find and fix the issue
• Other professional serices (legal counsel, crisis communications, hotline support, free credit monitoring)
• Communications to employees, clients and others
• discounts or promotions to retain or attract customers

cost of data breach
cost of data breach

Won't my Insurance Cover IT?

That depends. Many general commercial liability policies don’t cover cybercrime, so you may need extra protection. However, all cyber policies are not created equal, so your best bet is to work with a trusted provider who can tailor coverage to meet your needs.

Cyberattack
Cyberattack
Who’s accountable for maintaining data security?

Everyone in your company has accountability. It starts at the top with leaders who are willing to invest time and resources in developing a security strategy, administrative policies and written workplace procedures. All others in the organization need to be educated about your policies and trained to use specific processes that support your data security goals. Data security should be part of the ongoing conversation between employees and their supervisors and a component of the annual performance review process.

Cyberattack
Cyberattack
What specific steps can we take to secure our data?

Start with the fundamentals. 

• Inventory the data. Know exactly what you have, where you store it and who has access to it.

  • • Store data centrally—either on secure servers or in the cloud—but not on individual hard drives.
  • • Invest in an enterprise-grade firewall and make sure security patch updates get done regularly.Use centrally managed anti-malware
       on all company devices, even personal devices that can access company networks.
  • • Make sure all personal devices used to access company networks are equipped with data encryption, passwords or PIN locks.
  • • Insist on rigorous password protection. Use a mix of numbers, letters and symbols. Change passwords every 90 days. Include lock-out
       provisions that freeze accounts after a certain number of incorrect log-in attempts.
     

Make sure all data is backed up on a regular schedule.

Cyberattack
Cyberattack
How do I choose an IT security partner?

Start with your professional network. Ask friends and associates for referrals and recommendations. Look for someone with proven experience in the construction business. Inquire about advanced qualifications and certifications. Interview more than one candidate. Speak with references and read reviews on the internet. Before making your final choice, clarify expectations regarding time, scope, cost, personnel requirements, communication, training and other factors that are important to you.

Cyberattack
Cyberattack

Be Prepared

The benefits of connectivity are real. Companies everywhere are bringing internet-connected technologies to the job site to save time, cut costs, increase operator productivity and create safer work environments. But as you invest in a more efficient and profitable business, don’t overlook the importance of data security. Make it priority now.


IMPROVE WITH CAT TECHNOLOGY

Cat technologies pay for themselves. Get more insight into your equipment and operations than ever before.

GET CONNECTED
Cat Technology
Cat Technology

STAY CURRENT WITH ENEWS

We send industry knowledge, useful tips and special offers right to your inbox.

Sign Up

RELATED ARTICLES

You’re here to get ideas to grow your business. Read on for machine insights and expert tips and tricks to get more out of every job.