Do you have a false sense of cybersecurity? Even before the COVID-19 pandemic, construction businesses were increasingly relying on mobile devices, cloud-based applications, online collaboration, and Internet-connected vehicles and equipment. The pandemic has only accelerated the adoption of these technologies. As the number of entry points into your company’s network increases, so does your cybersecurity risk. Fight complacency Many of the most infamous data breaches have involved large retailers or financial institutions. However, recent headlines have involved cyberattacks on other types of businesses — including construction companies.
Cybercriminals can also cause property damage or bodily injury by deleting data, altering plans or specifications, interfering with a project’s security or safety systems, or tampering with vehicles or equipment. Watch your supply chain As we’ve seen recently, critical third parties in your supply chain can be victimized. Cyberattacks on these parties can interfere with your ability to obtain fuel and key materials, negatively affecting project timelines. Assess risk, deploy strategies To better protect your company against cyberattacks, conduct a cybersecurity assessment. Doing so involves taking inventory of your hardware and software, as well as mapping your network, data flows and entry points. This includes access by employees, vendors, and collaborators such as architects or engineers. Ultimately, you want to identify every potential vulnerability. Armed with this information, you can then implement internal controls and external protections to reduce the risk of a breach and develop an incident response plan to mitigate damages should one occur. Strategies for preventing cyberattacks include strong passwords, dual-factor authentication to prevent unauthorized access, and software tools that monitor for and prevent intrusion. Keep mobile devices and computers current with the latest updates and security patches. Educate employees to help them identify and avoid phishing attacks and other threats. Training employees is particularly important because most cyberattacks are because of human error rather than technological failures. Among the most effective strategies is to follow rigorous backup protocols to ensure that you can resume operations quickly in the event a cybercriminal destroys or blocks access to your data. Backup data should be encrypted, stored off-site and segregated from the systems being backed up to ensure they’re accessible in the event your main network is compromised. Be prepared Like most construction businesses, yours likely will increasingly rely on mobile and cloud-based technologies — even after the pandemic. To protect yourself in this environment, conduct a cybersecurity assessment as mentioned. Then implement strategies for minimizing your distinctive risks and facilitating a quick recovery should an attack occur. |