All companies are susceptible to cybersecurity attacks; however, this article focuses on some of the main vulnerabilities within the construction industry, as well as proactive steps that organizations can take to boost cyber defense.
What are some of the most common entry points for threat actors in the construction industry?
Threat actors are always looking for a way in, and the construction industry is a prime target due to the variety of ways their organizations can be attacked, including:
Construction project management software and SaaS solutions
Outdated security policies or lack thereof
Proprietary company software and cloud storage
Smartphones and laptops – used both at the office and on-site
Subcontractors, outsourcing jobs can lead to uncertainty and lack of oversight
How can construction companies boost their cybersecurity efforts?
While there is no sure-fire solution to cyber-attacks, there are several best practices companies can take, including:
Choosing the right software and keeping up to date on security measures/updates
Conducting a third-party security analysis/risk assessment to develop an appropriate cybersecurity plan
Creating an incident response plan with a trusted partner to make sure they are prepared for an incident
For a construction company employing high numbers of workers, each of whom is logging in from a different location, zero trust security can be a good blanket policy that protects widely dispersed points of entry.
Making employees knowledgeable about cybersecurity/ hosting training
Exploring cyber insurance options
Setting expectations and ensuring they are followed when dealing with 3rd party vendors
About Schneider Downs Cybersecurity
The Schneider Downs Cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.
To learn more, visit our dedicated Cybersecurity page.
About Schneider Downs Construction Services
Led by a diverse group of shareholders and managers, Schneider Downs provides strategic and practical solutions for our construction clients in all facets of their business. Our dedicated team of more than 350 professionals have a wide background of tax, accounting, technological and business experience in the region, specifically in Pittsburgh and Columbus.
You’ve heard our thoughts… We’d like to hear yours
The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].
Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.
This site uses cookies to ensure that we give you the best user experience. Cookies assist in navigation, analyzing traffic and in our marketing efforts as described in our Privacy Policy.