Now, more than ever, it is crucial to have a robust cybersecurity framework for your construction business. Malicious data breaches in the construction industry alone have gone up by 800% in two years, from 2019–2021, according to the 2021 Data Breach Outlook Study by Kroll.
Recently there have been several high-profile cyber attacks on organisations such as the police in Northern Ireland and more recently in Manchester that have been in the headlines, showing that no organisation or entity is immune from such attacks and constant vigilance is required in an ever-evolving arms race between hackers and cybersecurity systems.
A common mistake in the construction industry is to become complacent that once the cybersecurity and other compliances have been adhered to, then the business is therefore “safe” from cybercrime.
Compliance represents only the bare minimum of protections required by law and with sensitive data and valuable digital assets, along with large sums of money being transferred frequently, it is essential to take cybersecurity as seriously as you would take precautions against a major fire or serious injury at work.
To this end, a dedicated cybersecurity team is needed to combat any potential threats and reinforce any existing systems and identify vulnerabilities. However, it is something of a minefield trying to navigate the choice of which cybersecurity solution is adequate or relevant for the construction industry and what are the main services or features that are needed.
Choosing a Cybersecurity Solution for Construction—What Should You Look For?
With a wide range of providers offering various services and options, it can be difficult to ascertain where your business fits in and how much of this is actually relevant or needed.
There are, however, certain features of cybersecurity protection that are particularly useful for the construction industry, due to the nature of the work.
Ensure your cybersecurity provider can provide these essential services:
It is not enough to simply get your systems in place to defend against cyber threats and then leave that as a job well done. Any defensive measures or business networks need to be continually and strenuously tested.
The construction industry presents lots of unique challenges in terms of security - with frequent reliance on subcontractors and on-site working. This opens up various avenues for attack for cyber criminals. For this reason all vulnerabilities need to be fully tested using methods that only hackers can perceive of.This means employing specially trained ‘ethical hackers’ to try and gain access to your systems and network.
Penetration testers will act in much the same way as a real hacker would and will probe every aspect of your system looking to find a backdoor to let themselves in. This might be a weakness in an online or digital component or even offline security and physically gaining access to premises and offices.
Ethical hackers or penetration testers can identify where the doors are open for cyber criminals to gain entry. Once identified they will approach your business as a malicious actor would.
For example, if there is an issue with unauthorised contractors or maintenance teams being given access to sites or offices, they may spoof a phone call from a fictional help team or maintenance worker. They may tell your staff they are carrying out routine maintenance and calling from an internal department such as your own IT help desk.
All they need to ask is to check the call handler’s login details, referencing a fictional problem, and gain instant access to that account. From there they can use that account to send an email to every computer in your network containing a file that in real life would have contained a trojan horse or given the hacker access to your entire business.
This is just one example although there may be a different vulnerability in your construction business. It may be the case that passwords carelessly pinned to the wall of a portacabin at one of your sites is the issue. In this case the penetration testers may don a hardhat and physically enter the site themselves to see if they are unchallenged and can gain access to the data through which to then simulate hacking into your systems.
Of course these are just examples but they illustrate how penetration testers use a combination of physical and digital methods to gain entry and explore avenues that would not be typically within the scope of most staff members. Once the weakness has been identified then steps can be taken to secure this method of entry.
Cloud Software Cybersecurity Measures
Over 50% of cyber attacks happen in the cloud so it is essential that your solutions provider can offer robust security measures for any cloud based platforms.
According to the Ekco Infrastructure Modernisation Survey 2023 76% of IT leaders are concerned about the security of their infrastructure.
To operate a secure cloud platform cyber experts should follow these protocols as standard operating procedure -
- Use encryption - transforming data into a code that needs the specific key to unlock
- Monitor cloud activity checking for any suspicious activity or anomalies in the system
- Have security measures at all levels of the system
- Have a data backup plan to ensure business continuity
- Maintain an effective password strategy
Live Operation Monitoring and Rapid Response Teams
Having 24/7 help desks is certainly essential with the unpredictable and fragmented nature of construction work, operating on various on-site locations. However, for construction firms, it is not enough to have help desk staff who can answer queries, there needs to be a dedicated team monitoring all aspects of the security system in real-time and ready to respond to any alerts.
Help desk staff, while extremely useful when there is a known problem that needs fixing, cannot cover issues that you yourself are not aware of, whereas live security operation monitoring will pick up any alerts that would normally have been missed and potentially cost the company significant amounts of lost revenue.
Staff Cybersecurity Training
The construction industry is quite unique in its reliance on contractors, subcontractors and combinations of on-site and remote working, creating very specific security concerns that can be easily overlooked.
Even if you have the most cutting-edge datacentres and cloud solutions storing your data, with an expert team analysing your operations and the best cybersecurity solutions in place—this can all count for nothing if staff are not adequately trained and give their passwords to the wrong person, or let an unauthorised worker into the office.
Cybersecurity training is crucial in the construction industry as any data breaches will almost always be down to human error. With staff regularly handling sensitive data it is vital that they are trained in how to protect that data and respond quickly to any breaches or incoming cyber threats.
Any cybersecurity providers that are looking to work in the construction sector should be able to offer full security training for all staff members, either on-site at your premises or remotely.
What is the Difference Between a Cybersecurity Team and an IT Solutions Provider and Which is Best for the Construction Industry?
Whereas a standard security help desk may be able to respond to any queries about known threats, a fully managed IT solutions provider is in a unique position to provide secure data storage, live system monitoring, and infrastructure analysis, along with a range of cybersecurity services.
At Lyon, we provide construction firms with
- 24/7 monitoring of all systems
- Dedicated rapid response teams to deal with any cyber threats
- Full penetration testing and vulnerability management
- Cybersecurity framework auditing and analysis
- Cybersecurity awareness training for staff members
- Help with installation and configuring of any security systems
- Secure data storage through cloud-based solutions
For more information or to find out how Lyon provides cybersecurity for the construction industry, get in touch for a free consultation and analysis of your business requirements.