Credit: Bits and Splits/Adobe Stock
Most construction industry executives say they experienced an unauthorized network access incident in the past year, according to a survey by Wipfli.
Eighty percent of leaders were hit by one or more breaches, the data showed, with just under half (44%) reporting three or more breaches in the last 12 months. Meanwhile, midsize and large firms ($50M+) were more likely than smaller companies to report multiple breaches. In the coming year, over 70% of survey respondents now say they plan to invest in cybersecurity tools.
“We’re seeing a real shift. Breaches used to be one-off events, and now they’re something firms are dealing with regularly,” said Brad Werner, Wipfli partner and construction and real estate leader.
“Eight out of ten construction executives were hit last year, and almost half were hit three times or more,” he added. “And it’s not just IT systems at risk anymore: Field operations, vendor networks, even project timelines are exposed. Cybersecurity has gone from a back-office concern to a boardroom discussion.”
Likelihood of having a technology strategy in place by company revenue:
- Company revenue of $50 million or less: 58%
- Company revenue between $50 million and $249 million: 72%
- Company revenue exceeding $250 million: 71%
Respondents’ level of self-reported tech integration showed some variation based on firm type, according to Wipfli.
Commercial real estate developers were on the high end, with 92% of respondents in this category reporting full or extensive tech integration. Among general contractors, specialty contractors and residential developers, roughly 70% to 80% reported full or extensive tech integration.
“The construction industry is vulnerable to cyber breaches due to mobile device security issues and the fact that cybercriminals often convince customers that a contractor’s ACH wire instructions have changed,” said Brian Bohman, a partner in Wipfli’s construction and real estate practice. “They then provide a fraudulent routing number for customer payments, often in a communication on the contractor’s letterhead, which criminals can access from public websites.”
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.