When cyber-criminals hack into the computers of construction contractors, they’re not just stealing credit card numbers. They want floor plans, security system designs, the layout of communications systems, and server locations of the buildings where government agencies and corporate headquarters will be housed.
Yet few construction companies “know enough about the risks to mount a suitable defense” to a potential cyber attack, according to a report in the Engineering News-Record. And even fewer report attacks when they occur, the article said, as they are not legally required to do so.
The publication said the federal government is issuing more security regulations for contractors who do work for federal agencies, but noted that new threats arise so often and so quickly that companies have a hard time keeping up.
As more construction businesses embrace paperless operations and convert everything from blueprints to billing into a digital format, their risk for data breaches increases.
One thing seems certain: The need for insurance against breaches, technology errors, and business interruptions has increased along with exposure.
One architecture and engineering firm’s chief compliance officer told ENR that the company’s risk “will undoubtedly exponentially increase” as it becomes more dependent on Internet-based communication and storage. He admitted that risk makes him "nervous."