Construction Firms Preparing Large Bids Face Cyber Attack Risk

In today’s digital world, every industry needs cybersecurity. As Capitol professor Rick Hansen said, “Having cyber professionals in your business really is essential because even if someone isn’t breaking into your systems all the time, when you are attacked, it’s like trying to catch a mouse without a cat. You know the mouse is somewhere in the house, but you don’t know where and you don’t have the instincts to route it out. When you’re talking about someone potentially turning infrastructure critical to your operations into their personal playground, you just can’t afford not to have a cat.”

Particularly important for corporations forced to move or acquire critical assets by digital means, the cybersecurity risks are high for companies that depend on bidding for contracts. This is true of engineering or defense companies, companies in the middle of a merger or acquisition, and of companies that deal in the digital exchange of property like construction firms.

For construction firms, keeping large acquisitions under wraps is a particular challenge. When taking on large critical infrastructure projects, there is often a lot of buzz around who the builder will be. People want to know who is building the new stadium, who is sponsoring it? Who got the deal on the new bridge or highway, who is rebuilding the power plant? This can put construction companies in the middle of preparing large bids in a position of vulnerability when it comes to cyber attacks.

Ian Birdsey, a partner at Pinsent Masons who heads up the law firm’s global cybersecurity and cybercrime team, recently told Construction Week Online, “If a breach takes place, it is critical to understand the motives behind an attack. Hackers may want to steal intellectual property, commit invoice fraud, or obtain valuable information about a high-profile project and pass it on to a rival.”

And according to Marsh and McLennon Insights, “A 2016 survey found that construction companies planned to invest 5% of their annual revenue into digital operations solutions in the coming years. Three specific technologies — building information modeling, geographic information systems, and integrated project delivery — are quickly becoming cornerstones of the industry. And construction equipment and control systems are expected to become increasingly automated in the years ahead.”

The construction industry only plans to add more technology to the construction site. Unmanned vehicles are already making their way onto the construction site, project management software is coming into heavier use, IT is playing a bigger role. Technology is reshaping everything, creating greater efficiency and saving firms money, but creating new risks as well.

Beyond having a dedicated cybersecurity staff, training employees on how to stay safe online is one of the key ways that firms can reduce their risk of cyber attacks. Capitol’s construction management program familiarizes project managers with the world of cybersecurity, helping them to take preventative measures to keep their firms cyber safe. For years, Capitol has been at the forefront of cybersecurity – designated a CAE school (Center for Academic Excellence) in information assurance by The National Security Agency (NSA) and the Department of Homeland Security (DHS).

Curious about our programs in security and critical infrastructure? Check out all of Capitol’s offerings here!