Computer hackers are targeting private and public companies both large and small, at staggering rates. Construction companies are not exempt from these types of cyber-attacks and must look at their cyber security in the same way they do any other type of risk.
Construction firms can start with identification and prevention by assessing their cyber security profile, identifying gaps in security and then deploy solutions that address those cyber security gaps.
Unfortunately, no security system is full proof. Hackers are successful in breaching the best protected system so companies must also be prepared for when an attack is successful and how they will respond. A tested incident response plan will be key to a construction company’s ability to quickly response to a cyber-attack to minimize losses and downtime.
Construction companies should assess the cost of a cyber-attack on the organization and how it will be managed. Purchasing cyber insurance is the best way to transfer the cost of an attack to an insurance company. The following are six reasons why construction companies should consider mitigating the cost of a cyber-attack by purchasing cyber insurance.
- Cyber Crime - If you are performing any transactions that involve wiring money to a third party, you are a target for cyber criminals. Social engineering is prevalent in the construction industry and typical crime policies don’t always cover this type of exposure. You want to make sure you have a cyber-policy in place that has coverage for transfer fraud, social engineering, invoice manipulation, and telecommunications fraud.
- Business Interruption – Almost all construction firms these days rely on technology to run day-to-day operations. Are you using a laptop to track the progress of your job or strategically plan next steps and communicate with subcontractors and vendors? If you can’t access this information and connect with those involved on the project, there is potential for a serious loss of profit. You need to make sure you have adequate Business Interruption coverage in your cyber policy to avoid a costly loss.
- Commercial Contracts - Did you know that an HVAC contractor was the reason for the 2013 Target breach that affected 41 million customers? If you are performing work for large commercial organizations, you may have access to their networks, systems, and internal processes. This access can be exploited. When competing for a large commercial contract, a cyber-policy is crucial because it will protect you, give you a competitive advantage, and is often required.
- Reputational Harm - A data breach may not only result in the loss of current clients, it could result in the loss of future clients too. If your customers or partners feel that your construction firm is not adequately protecting their financial assets and information, you could lose their business. You want a cyber-policy that provides you with coverage for reputational harm in the event of a data breach or hacking.
- Privacy Liability - Construction firms collect tons of sensitive information about their clients and ongoing projects. This data can include records of personally identifiable information, payment information, architectural plans, and even insight into a client’s internal network. If this information is lost, you are responsible for notifying the affected individuals and may face lawsuits, fines, and incredibly high forensics costs.
- Security- Finally, a cyber-policy brings peace of mind in knowing that you have cyber experts ready to assist you in the event you suffer an attack. Having that support from a cyber-insurance carrier is critical as they deal with these issues daily and understand what it takes to respond. Whether it’s managing legal requirements for notification, crisis management, forensics, or dealing with a cyber-ransom attack, the insurance carriers employ internal and external cyber-security experts to assist you in dealing with any type of attack.
Contact your MMA representative to learn more about adding this essential coverage to your portfolio.