No industry, including construction, can rule out the possibility of a cyberattack. Let’s take a look at cybersecurity in construction – the whys and the hows.
Making the Case
In 2016, it was found that there was a ransomware attack on a business every 40 seconds, and the rate of attacks would grow to every 11 seconds by 2021. Companies quickly adapting work situations to stem the spread of the coronavirus led to a 600% increase in “cybercrime, which includes everything from theft or embezzlement to data hacking and destruction.” Experts project cybercrime will cost companies $10.5 trillion by 2025, up from $3 trillion in 2015.
And the pain of cybercrime is felt not only by large companies. In fact, small business are the target of 43% of cyberattacks and 64% note they have been the subject of a web-based attack. Each incident cost an average of 7.68 million while the average cost of a data breach for small- to medium-size business outside the U.S. is $3.9 million.
These numbers are staggering. Yet some may wonder if cybercrime is truly relevant to construction. While it’s true that as of 2016, 95% of breached records came from three industries: government, retail, and technology –attackers are branching out to other sectors, including construction.
“Contractors, both large and small, hold vast amounts of information that is of interest to cyber criminals – from employee data to intellectual property,” according to Zurich, an insurance provider. They add that cybercriminals are not fussy about what they steal and are interested in that “which can be potentially exploited for financial gain or other motives.”
Impact of a Cyberattack on a Business
The impact of a data breach on a construction firm can be dramatic in terms of money paid in ransom or information used for destructive purposes. However, there are other more mundane effects that could prove detrimental for a firm.
“The long tail costs of a data breach can extend for months to years and include significant expenses that companies are not aware of or do not anticipate in their planning,” says insurance firm Embroker. “These costs include lost data, business disruption, revenue losses from system downtime, notification costs, or even damage to a brand’s reputation.”
In a chart, Embroker shows that the costs of a breach are spread out. During the first year, 67% of the costs are incurred, in year two 22%, and in year three 11%. These costs come in the form of lost data, business disruption, revenue losses from system downtime and lost customers, notification costs, damage to a company’s reputation.
Dettweiler notes the costs related to reputation are hard to put a price tag on, “…but definitely have [s] a substantive impact on an organization’s overall profitability.”
With construction firms so reliant on data and the exchange of it, a system down for any amount of time would be costly. It could even bring a firm to a standstill. If this led to projects going past due, firms may be on the hook for extra costs. Even worse, customers may decide not to work with them in the future.
A data breach could sully a firm’s reputation. Consider how important reputation is to your firm. Does your firm rely on word of mouth to get new customers? Have you built up relationships with clients who inherently trust you and your firm?
Reputation is invaluable for most firms. The firm does everything possible to get the job done to provide a track record so others can feel confident they are a good partner.
How Construction Companies Can Protect Themselves From a Cyberattack
Preparing for and protecting against a cyberattack is a job for everyone in your firm. Seeing the potential issue as simply an IT responsibility is a mistake. Vigilance by the entire staff goes a long way in protecting a firm’s data.
“Everyone in your company has accountability,” according to Caterpillar. “It starts at the top with leaders who are willing to invest time and resources in developing a secure strategy, administrative policies and written workplace procedures.” They further suggest that “data security should be part of the ongoing discussion between employees and their supervisors and a component of the annual performance review process.” Putting emphasis on cybersecurity makes it clear that it’s everyone’s responsibility.
ForConstructionPros suggests reviewing key points with your firm’s workforce, including:
With cyberattacks happening so frequently, a data breach is eminently possible even if all security protocols are followed. Consequently, part of protecting your firm against a cyberattack is having a response plan in case of a data breach. A well thought-out plan can help your firm act quickly and seamlessly, thereby lessening the damage.
Every business and individual needs to consider cybersecurity. While big companies and major data breaches make the news, everyone is vulnerable. Construction companies and general contractors in particular have valuable data. Cybercriminals have gone after this data in the past, which indicates that construction companies are a valuable target for thieves. A data breach can entail serious repercussions, including causing a firm to go out of business.
Keeping your data secure is part of securing your reputation, which is priceless.
Briq, which handles nearly everything construction finance, offers accurate and real-time forecasting abilities, automated workflows, and interconnected systems. With Briq, financial professionals can improve the speed, accuracy, and efficiency of every report or forecast they produce.
If you’d like to read our full eBook on cybersecurity for contractors, you can head here.
511 Olive Street
Santa Barbara, CA
#24, Mulberry Gardens 2,
Magarpatta City, Pune, Maharashtra