C
ybersecurity is everywhere in the news today
because hackers have been very successful in
exploiting human weaknesses across a broad
array of industries. Our construction industry appears to
be tempted to brush off these early attacks, thinking that
our industry is not a prime target. However, any business
that is connected to the Internet is a potential victim. The
construction industry also contains special vulnerabilities
related to the physical makeup of our society that do not
exist in other commonly recognized target industries, such
as the financial or healthcare sectors. In the construction
industry, ignorance can hamper a construction company’s
well-being and its operational security.
Construction executives should be paying attention to and
learning from those who have already experienced a major
cyberattack. For instance, an owner’s plans, specifications
and virtual construction data present an easy target. Take, for
example, the virtual construction needs of a large construction
project. There is almost unlimited access to a building’s
physical and security design. In addition, many design and
construction software systems – such as BIM, Revit, Procore
and Aconex – have remotely accessible controls or Internet-
connected capabilities. A hacker with access to this data could
wreak havoc not only operationally but also through the
physical destruction of data, servers and infrastructure as well
as ultimately by threatening the safety of individuals on-site.
By Gregory Meeder, Christopher Cwalina and Kaylee Cox, Holland & Knight, LLP
WHAT CONSTRUCTION EXECUTIVES SHOULD BE DOING NOW TO PREPARE FOR THE INEVITABLE
Building Washington 19
LEGAL REVIEW
Cybersecurity in the
construction industry
