The construction sector remains one of the few sectors that still lags behind when it comes to cybersecurity maturity. However, some high profile attacks since 2017, seem to be inducing a slow change nudging the industry into action.
The relentless trend of digitalisation in all aspect of the sector, from Business Information Modelling Systems (BIMS), to digital ways of working, to sub-contractor systems interconnections and data-sharing, to smart-built-assets, the trend is far-reaching and requires careful attention to the cybersecurity that underpins all that.
Generally speaking, construction businesses of all sizes continue to be targets for cyber attackers. This is typically fuelled by the volumes of sensitive data held, the high-value payments handled, the potential weakened defences due to organisational complexity, and also the perception that the industry is somewhat behind the curve in its cybersecurity mindset.
In an effort to raise awareness and provide guidance, industry associations such as The Chartered Institute of Building (CIOB), published a guidance document titled “The Role of Security in the Construction Industry” as the concept of cybersecurity within the sector is becoming increasingly important.
In Feb-2022, the UK’s National Cyber Security Centre (NCSC) in collaboration with the CIOB, also launched the first guide for cybersecurity aimed specifically at the construction sector. It is described as a “Cyber security guidance for small-to-medium businesses working in the construction industry and the wider supply chain”. (Click button below to download it).