In the digital age we live in, cybersecurity is becoming more essential as the danger and potential risks continue to rise and evolve. Cyberattacks are expected to grow over the next five years, as is the cybersecurity talent shortage. Within the construction and infrastructure industry, companies must protect their data, process know-how, and business-critical information.
Cybersecurity should be fundamental to a strong corporate governance strategy, one that supports building trust among stakeholders, clients, partners and investors and preserves the advantage that innovation investment gives over competitors. In this article we will explore some of the key fundamentals that should be included in a cybersecurity strategy for construction companies.
Malware is software that is specifically designed to disrupt, damage, or gain unauthorised access to a computer system. Cybercriminals typically use it to extract data that they can leverage over victims and companies for financial gain. Ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Ransom is then demanded in exchange for decryption.
To help protect against this, construction companies should install antivirus software and set up and maintain a process for regular updates of the software and the notification/handling of detected viruses.
British mathematician Clive Humby famously said in 2006 that “Data is the new oil.” Year on year, more data is being drilled for, stored and analysed by construction companies to better drive efficiencies, business operations and performance and get a better understanding of their clients and prospects. Just like oil, when data is collected, processed, and used efficiently, it can be extremely valuable and that’s what makes it attractive to cybercriminals.
To combat this, information should be guarded by using data protection tools, such as encryption when transmitting over open lines (including lines shared with other companies). Also, IT systems and business-critical information should be protected by physical and/or logical controls that allow for confidentiality, integrity and availability.
Logging and monitoring
Logging is the practice of recording events as they occur, such as problems, errors or just information on current operations. Monitoring is the tracking and storing of key metrics to ensure application and system availability. It is important because it can give real-time visibility into abnormal activity within your app/system environment and adds another layer of protection against unwanted incursions and data theft.
A series of audit logs is called an audit trail because it shows a sequential record of all the activity on your app/system. By reviewing audit logs, authorised personnel can track user activity, investigate breaches and ensure compliance with regulatory and policy requirements. An audit trail is crucial for protecting data integrity, guaranteeing traceability and ensuring there are no unauthorised changes.
Monitoring goes hand in hand with logging, and being on top of this should allow for a quicker response time to security events and better security program effectiveness, and should help solve existing problems without creating new ones. As a solution, you should consider monitoring software as a part of your organisation’s cybersecurity plan. An effective monitoring system collects the data from logs and categorises it into easily digestible information for the IT team.
Data recovery is the process of restoring data that has been lost, accidentally deleted, corrupted or made inaccessible, typically to a desktop, laptop, phone, server or external storage system, from a backup. Although most data loss is caused by human error, there is also a risk of malicious attacks.
A diligent construction company should determine adequate backup processes, including testing of backups, to ensure that the needed data and software can be recovered in case of loss of data. They should also ensure that backups have a sufficient level of physical security and that an IT recovery plan/instruction is developed and maintained, describing how to restore business-critical IT activities and data. A risk assessment should also align the level of detail of the plan/instruction to the risk that unavailability would pose. Many construction companies use external IT providers, contractors and partners, so the same level of precautions, security and recovery action plans mentioned above should be looked for in them.
In conclusion, with the growth of connected devices, remote workforces and the increasing cybersecurity skills gap, cybersecurity has never been more important for construction companies. Without a comprehensive cybersecurity strategy and program in place, it can be difficult to be adequately protected against cybercriminals and the ever-increasing cyber threat that exists today.
At EIDA, we pride ourselves on the level of security and protection we offer to all our clients using our software. If you want to learn more, speak to one of our senior consultants today.