Cyber Risk In The Construction Industry

Cyber Risk In The Construction Industry

When you think of different industries with exposure to cyber risks, construction probably doesn’t come to mind. But the truth is – construction is just as exposed to cyber risk as the healthcare industry, retail, and government organizations. 

It’s predicted that cybercrime damages are on the rise and can reach $6 trillion worldwide on an annual basis by the year 2021. Many contractors believe that it can’t – or won’t – happen to them but in fact, large contractors, as well as mid-sized and smaller subcontractors may be at a significant risk. 

Here’s a lists of common cyber risks:

• Social Engineering: There are usually many different workers on a job site, each with some sort of device in hand (laptop or cellphone). Phishing attempts are a very common way to steal user data and possibly access company systems. Phishing scammers send fraudulent emails that may appear to be from a reputable company in order to get recipients to send personal and confidential information. 
• Ransomware attacks: Malicious software can intrude in a company’s computer system and disable it until monetary demands are met. 
• Wire fraud: Many construction companies pay vendors and subcontractors on-site. This creates an extensive accounting process and multiple access points to IT systems. High staff turnover is often one of the biggest drivers of fraud against a company.  
• Hacking: One of the ways cybercriminals may hack is through a contractor’s proprietary information through subcontractors’ systems. Even if a construction company might not store a large number of customer record in its system – attacks involving intellectual property, building plans and bidding record can still have a long-term impact. 

Dealing with a cyberattack is never easy. The effects of a cyberattack can not only disrupt a construction company’s daily business operations, but it could also leave the company’s reputation tarnished. 

Taking preventive measures can help

It’s a good idea to enforce training programs that focus on establishing a safety culture. Cybercrime is becoming more common and there are several steps you and your company can take to address the risk and help implement more robust cybersecurity measures:

• Building awareness is crucial and is one of the best ways to help prevent loss. Work with the insurer’s risk engineering team or a cybersecurity consultant to implement employee training that will help to educate your staff on how to prevent common cyberattacks.  
• It’s important that your subcontractors and vendors provide cybersecurity training for all staff. Require these business entities to carry a cyber liability policy providing for addition protection in the event of a cyberattack. 
• Have a disaster recovery plan. This is the key to long-term success and it will help to ensure that your company has an understanding of how to identify cyber risk and continue business operations despite the adverse outcomes of a cyber event. 

For more information or get to a cyber liability quote, call our office today at 905-696-9090 or email us at This email address is being protected from spambots. You need JavaScript enabled to view it. 

Source: Zurich


Auto Insurance in Ontario
Top Reasons for Home & Auto Increases