Are Your Construction Projects at Risk Because of Cyber Exposures?

cyber risk in the construction industry | the als group

The construction industry is changing rapidly and more and more projects are relying on emerging technologies for management and completion. There are now major cyber related concerns regarding “smart” equipment such as cranes and drones and SAAS/IAAS systems used for project planning and management. ‘Connected’ systems utilized by third-parties (general contractors and subcontractors) to share and centralize sensitive data may also expose a project to cyber risks.

While these technological advancements certainly make projects run more efficiently, they also give rise to exposures which are new to the industry.

This coupled with the fact that most construction companies do not fully appreciate their cyber exposures or do not have the means to properly mitigate them, puts a project at great risk.

 

Here are some cyber risks that construction companies should be aware of:

Business Interruption/Project Delays – A cyber breach resulting in loss of sensitive information such as blueprints or plans or even intentional shutdown of systems. Mitigating such a breach can cause costly delays for a project. One must keep in mind, an outage due to a cyber-event at a third-party such as a subcontractor could also cause major delays.

Contingent Bodily Injury or Property Damage caused by a security breach or system failure. An example of such event would be a ‘smart’ crane that is hacked and causes damage to a building or worse, a worker or civilian (See Forbes article – Exclusive: Hackers Take Control of Giant Construction Cranes).

Contractual Penalties imposed against you (by written contract) for failure to deliver your product on time due to a cyber-event.

Ransomware, Phishing or Social Engineering scams enacted in order to steal money or siphon confidential information. Understand that these types of threats can originate from a cyber-criminal or malicious competitor.

Fortunately, the major tenets of a sound cyber security and business continuity plan apply to the construction industry as well.

  • Understand where sensitive project data is stored, who has access to it, and how it is protected.
  • Train employees to recognize scams and educate them on what to do if they notice something out of the ordinary or click on something they shouldn’t have.
  • Update and patch systems on a scheduled basis and update firmware on all equipment from printers to cranes.
  • Develop a comprehensive Disaster Recovery Plan and Business Continuity Plan.
  • Invest in a Cyber Liability insurance policy that is specifically written to cover construction industry exposures.

Everyone from the Owner, the General Contractor, to the plumber and landscaper should consider how a cyber-attack can impact their business and plan accordingly.

 

{{cta(‘bf627af2-1cf6-49fb-9e6c-8d97d0a8e64a’)}}

Our areas of expertise include:

  • Enterprise Risk Management (ERM)
  • Cyber Security & Cyber Liability Insurance
  • Construction Management
  • Customized Risk Management Assessments (RMAs)

Subscribe to our articles

blog posts form
Form Submission Response

Dear [field id="name"],

Thank you for subscribing to The ALS Group articles! We are so excited to have you on board and look forward to providing you with valuable insights, risk management advice, and industry news.

As a subscriber, you will be the first to receive our latest blog posts straight to your inbox. In addition to the blog content, we have a wealth of resources on our website that we believe will be useful to you.

If you have any questions or require any risk management advice, please contact Albert Sica, Managing Principal, at [email protected] or at 732-395-4251.

Thank you,

The ALS Group

Skip to content