shutterstock 604232333

By Michelle Kennedy Hogan

Let's face it, when it comes to cyberattacks, many construction companies and contractors think they're immune. Why? Usually because construction isn't a "tech" industry. Since so many construction companies rely on smaller contractors, it is often thought that a cyberattack would be fruitless because there are just too many components in a large construction project. That, unfortunately, is just not true.

The National Cyber Security Alliance recently found that hackers often target small businesses, up to as much as 70 percent.

This means that any construction project can be vulnerable to a cyberattack, no matter how small or large the breach. A 2013 hack on Target stores led to a breach in their billing because the hackers got through a mechanical contractor that had access to Target's billing system.

Protecting your construction company from vulnerabilities is key to keeping your company's data and your customer's data safe.

So who would want to break into a construction company's data anyway? Almost anyone, believe it or not. Construction companies don't just hold personal information, they also hold the key to a lot of infrastructure in their given city or town. There is also the intellectual property (yours and your clients'), specifications for various projects, architectural drawings and personal details of both employees and clients. This can all be very attractive to a hacker, depending on their reason for trying to break in.

Here are three things your company can do to prevent data breaches and computer security failures in the future:

1. Train Your Employees

It seems like a "no-brainer" but believe it or not, seemingly innocent conversations or communications by employees can cause big data breaches. Social engineering is the term for the hacker that goes after that entry-level employee or even the receptionist and asks the right questions to get the information needed for the hack. There is social engineering coverage on Cyber Liability insurance policies, but training your employees on how to deal with inquiries can save you time and money. As an additional layer of protection, offer identity theft protection from a monitoring service to help shield your business from vulnerability in the event that one of your employees falls victim to identity theft.

2. Stay Up to Date

Keep your firewalls, anti-virus software, and operating system patches up to date. This includes everyone in your company who has a computer. Too often, entry-level employee computers or the computers at reception are forgotten and not kept up to date. This can be the entry a hacker is looking for to get into your company's network.

3. Do Your Due Diligence

Performing background screening of both employees and contractors and holding periodic, cross-sectional training for employees will keep you ahead of the curve on potential data breaches. It is important to perform an overall risk assessment for your business. Be sure to talk with your executives and management and have them lead the way in identifying the systems and hardware that will need protection. It is also important to find those employees who can lead the response to any attack that occurs.

Being prepared for a cybersecurity attack is an essential component to any successful business. Communication about the security plan and any incident response between management and employees will keep hackers at bay. Having up-to-date software and hardware for every employee is key. It is important that everyone understands that they are the first line of defense against cyberintruders.

Michelle Kennedy Hogan is a writer specializing in business, health care, personal finance, stocks, cryptocurrency, technology and more. She has had work featured in The New York Times, The Christian Science Monitor, Redbook, Salon, NPR and many other publications.


Contact Us

Construction Today Magazine

Cringleford Business Centre
Intwood Road
Cringleford, Norwich, UK

Click here for a full list of contacts.

Back To Top