Brian Sims
Editor

Construction firms assisted to build “strong foundations” against online threats

CONSTRUCTION BUSINESSES are being offered first-of-its-kind cyber security guidance from UK experts to help build their resilience in thwarting online threats. The new Guide to Cyber Security for Construction Businesses issued by the National Cyber Security Centre (NCSC) provides tailored and practical advice for the industry on how to protect businesses and building projects.

The guidance, which is launched in conjunction with the Chartered Institute of Building, is aimed at SMEs at a time when businesses are relying far more on digital tools and ways of working, such as using 3D modelling packages, GPS equipment and business management software.

Construction businesses of all sizes continue to be targets for cyber attackers due to the sensitive data they hold and the high-value payments they handle. The new guidance offers practical advice for each stage of construction, from design through to building handover, and sets out the common cyber threats the industry faces, including those posed by ransomware and supply chain attacks.

Sarah Lyons, deputy director for economy and society engagement at the NCSC, commented: “As construction firms adopt more digital ways of working, it’s vital to put protective measures in place such that they remain safe online. That’s why we’ve launched the new Guide to Cyber Security for Construction Businesses, advising SMEs on how to keep their projects, data and devices secure at all times.”Lyons added: “By following the recommended steps, businesses can significantly reduce their chances of falling victim to a cyber attack and build strong foundations for their overall resilience.”

Construction Minister Lee Rowley noted: “Data and digital technology is helping to make the construction industry more productive, competitive and sustainable. However, with this new technology comes threats that businesses must be wary of and take action to defend themselves against. The new guidelines provide firms with easy-to-follow and practical advice designed to improve their resilience against online threats, which will help to ensure that projects are delivered on time and securely.”

Caroline Gumble, CEO of the Chartered Institute of Building, explained: “The consequences of poor cyber security should not be underestimated. Attacks can have a devastating impact on financial margins, the construction programme, a business’ reputation, supply chain relationships, the built asset itself and, worst of all, people’s health and well-being. As such, managing data and digital communications channels is now more important than ever.”Gumble concluded: “This guidance provides a timely opportunity to focus on the risks presented by cyber crime. It’s something that has been highlighted by the Chartered Institute of Building for some time now. We’re delighted to partner with the National Cyber Security Centre and the Centre for the Protection of National Infrastructure to produce another invaluable resource.”

Two-part guidance

The new guidance is split into two parts: the first is aimed at helping business owners and managers to understand why cyber security matters, and the second aimed at advising those members of staff responsible for IT equipment and services within construction companies on the necessary actions to take.

The advice outlines seven steps for boosting resilience, covering topics including the creation of strong passwords, the backing-up of devices, how to avoid phishing attacks, collaboration with partners and suppliers and preparing for – and responding to – cyber episodes.

Most businesses in the construction industry are within the SME category.Last year, a survey conducted by the Department for Digital, Culture, Media and Sport of all types of businesses found more than one third (ie 37%) of micro and small (ie 39%) businesses reported falling victim to a cyber security breach or cyber attack in the previous year, with this statistic increasing to 65% for medium-sized businesses.

The NCSC is committed to helping UK organisations of all sizes improve their cyber resilience and, on its website, has published a range of guidance on how to defend against online threats.For smaller construction businesses without dedicated IT staff, the NCSC’s Small Business Guide offers further affordable and practical advice on how to stay secure online, while larger organisations can find guidance in the Ten Steps to Cyber Security collection.

Company Info

WBM

64 High Street, RH19 3DE
EAST GRINSTEAD
RH19 3DE
UNITED KINGDOM

03227 14

Login / Sign up