Construction companies continue to face wide-ranging, dangerous threats from cyber criminals. Whether it be intellectual property, financial information, customer data or classified material, construction companies possess data that make them targets for cyber thieves. However, when armed with the right information, executives can take meaningful steps to protect their companies from falling prey to the dangers of today’s cyber threats. With 2018 in the books, it is time to look at what should be top of mind in 2019.
A look back at 2018 reinforces two key cybersecurity bellwethers for the construction industry. First, the industry continues to be the target of a wide range of cyber threats, and the following attack vectors have directly impacted construction companies:
These forms of attack evolved throughout 2018 and demonstrate that cyber criminals continue to develop new and more effective means to steal data, dupe unsuspecting employees into sending money to phony receivers and disable networks.
2018 also saw a significant increase in regulatory frameworks that create challenging mandates for securing cyber data, protecting personal information and subsequent notification of a cyber breach. The European Union’s long-awaited General Data Protection Regulation took effect May 25, 2018, with the goal of providing individuals with control over their personal data. It applies to all companies, regardless of geographical location, who process or control data of EU citizens. The regulation also provides for potentially extreme penalties for failure to comply.
Likewise, the State of California passed the California Consumer Protection Act, which becomes active on January 1, 2020. Much like GDPR, the CCPA provides California citizens with a host of rights relative to their personal information. The law also places tight deadlines and compliance challenges for companies. More states are expected to follow California’s lead, so construction executives must understand how these new laws and regulations impact their business operations and what new obligations are being placed on protecting customer data.
Heading into 2019, construction executives would be well-served to take the following seven steps to help protect their companies from cyberattacks:
Construction executive must continue to act to protect their companies from the ongoing, ever-changing cyber threat landscape. Although these seven action items will not guarantee the avoidance of a cyber incident, they will assist construction companies with good cyber hygiene, the ability to respond to a threat, and protection in the event of a cyber-related loss.
Written by {{author.AuthorName}} - {{author.AuthorPosition}}, {{author.Company}} {{author.Company}} Contact Info: {{author.OfficePhone}} , {{author.EmailAddress}}
{{comment.Text}}