What does the future hold for security within the construction sector?
Construction contributes to 7% of the UK’s GDP and despite the fact that the sector itself is largely offline, it is still at a high risk of security breaches if firms are not sufficiently prepared or protected against the threats they may face.
Why are construction firms at risk of cyber-attacks?
The client base of a construction firm is unique in that it holds not only sensitive customer and project information, but potentially market-sensitive information, and intellectual property that could have serious financial implications if leaked beyond the necessary parties. For example in 2013, there was the infamous story where hackers stole the blueprints for the new Australian Security Intelligence HQ building and leaked them. This left the construction company embarrassed and with questions posed to them about their security procedures. This demonstrates the value that the data construction companies holds has, and why they can become a specific target for either hackers or malicious breaches from competitors or those looking to sell information to competitors.
Upcoming security changes
In 2018, the biggest change to security requirements that all companies, in construction and in other sectors, will be the introduction of GDPR (General Data Protection Regulation) in May 2018. This looks at more complex systems and security including BIM and digitised systems that integrate with current functionality. The aim is to assess the risks to data held by companies and ensure that companies are putting measures in place to protect this data to the highest possible level. There will be more severe penalties imposed upon any companies failing to meet these standards, up to 4% of the company’s total revenues.
Greater focus on vulnerabilities
Ransomware is a strong threat currently to the construction industry, but over time it is predicted that this will be used across many areas of businesses where there is information that could be used against the company. The importance of recovering the data is what can hold companies to ransom, and this is the greatest vulnerability for the construction industry, which is expected to increase and evolve over time. Cyber-crime may also become automated and this makes the need for security measures even more imperative to ensuring the greatest protection for internal and customer data.
How can construction firms protect against growing cyber threats?
Preventative measures should be at the centre of construction companies trying to eliminate cyber threats to protect their customers’ data. Companies can get certified to ISO 27001 standards, implement team training to look out for phishing scams, installing password software and complex passwords at different security levels, and installing malware and other security detection systems which can highlight threats as soon as they occur.
The RG Group take the security of our own data and our customers’ confidential information seriously, and are constantly looking at how we can improve our security to protect against cyber threats. You can give us a call on 01732 526 850 to discuss your upcoming project today.