Skip to main content
Arrow left Back to Main Menu
Canada (French) London Market United Kingdom USA Asia Pacific Europe France Germany Spain Latin America
  1. Arrow left Parent Page
  2. Arrow left Parent Page
  3. Arrow left Parent Page

Construction

Illustration depicting a padlock and key

Full Spectrum Cyber: Construction Risks

The Key Exposures Facing Construction Firms

Access to Larger Prizes within the Same Supply Chain 

Smaller firms are often targeted because of their supply chain relationships with larger companies. 

Valuable Information Held in New Technology and Software 

More technology adoption, such as “Building Information Modelling (BIM),” telematics and project management software means more rich data, sensitive information is accessible online for theft, ransom and financial gain. 

Protected Intellectual Property Stored and Shared Online 

Valuable proprietary assets, architectural drawings, blueprints, formulas and equipment specifications are often stored and shared online. If the proper protections are not in place, cyber criminals can access this data for theft, ransom and financial gain. 

High Value Tools and Equipment at Risk 

Cybercriminals can hack into security systems and CCTV on-site causing property damage and theft. 

Reducing Risk - Cybersecurity Information for Construction Firms

  1. Incident Response Planning: Create a plan that is stress tested regularly. Improve upon the issues raised during testing to improve response times to a cyber incident. Testing the plan will help minimize damage by creating the appropriate downtime procedures for the business. 
  2. Vendor risk management: Vet suppliers thoroughly, require Cyber Insurance for all service providers, and use standard contracts, questionnaires and forms for uniformity
  3. Staff Cybersecurity Training: Conduct regular phishing test to reduce human error. Many cyber incidents happen because someone clicked on something which they shouldn’t have. 
  4. Backups: Develop and test backup and recovery plans; keep copies of sensitive or proprietary data in a separate and secure location. Test back-ups regularly to ensure both the technology, and the people, can function during a crisis.
  5. Email Security: Properly configuring spam filters, investing in antivirus protection, and adding multi-factor authentication can help employees avoid business email compromises, fraudulent instruction losses, and other cyber claims.
  6. Penetration Testing: Engage a security firm to evaluate your attack surface and assess vulnerabilities. Report results to the executive team and recommend future protective actions. Penetration testing can drive down the costs of an incident significantly.

Responsive Cyber

How our incident response team helped construction clients get back in the game.

For more on suggestions to reduce risk and our appetite for Construction firms, download the PDF.

Speak to your local Underwriter to see which of your clients can benefit from our Construction endorsement.

Contact us

FOR BROKERS

For Customers