It’s the digital era. Construction managers need to understand cybersecurity
March 25, 2019As a construction manager, you may have chosen your line of work for any number of reasons. It’s a stable, always-in-demand profession. You like transforming ideas on a blueprint into physical structures, watching them develop in stages until the project is complete. You enjoy working with teams. The pay is good.
More than likely, you didn’t go into construction because you see yourself as a computer geek.
In the not too distant past, computer technology played only a minor role in the world of construction. Maps, diagrams, and blueprints existed on large rolls of paper. The office computers weren’t necessarily connected to each other – or to the internet. Communication across the job site was handled using a trusty, familiar old technology: two-way radio.
Those days are over.
Today, the personnel at your site will more than likely be communicating by means of a small, but powerful mini-computer known as a smartphone. Moreover, many employees out on the site may be carrying laptops or tablets. They may be using WiFi to connect their devices to the network and the connection may not be secure.
Back at the office, bidding information, CAD drawings, project timelines, employee data, and equipment records are stored on a computer desktop – and, increasingly, on the Cloud.
Personnel on the site may be wearing smart hard-hats, which collect an abundance of information, from employee fatigue levels to whether equipment is being used properly. Some workers may be equipped with augmented reality software that helps them perform tasks more efficiently – and allows you to monitor their progress.
Much of this technology is IP-enabled; that is, it’s connected to the outside world via the internet and, in theory, accessible by anyone who has the right credentials. That also means it can be breached or hacked.
To be effective, construction managers today must understand the cybersecurity risks posed by digital-era technologies and know how to mitigate them. In other words, you must be cyber-aware.
Construction Executive sums it up: “As technology advances, so do cyber threats. Construction companies must be prepared for potential breaches and the internal and external risks such incidents introduce.”
Analysts point to a number of steps which construction companies – and the managers entrusted with projects – must be prepared to take. These include threat modeling and regular tests of network defenses, whether in the form of penetration testing or a red-team/blue-team assessment. Because so many breaches capitalize on the human factor, employees must receive regular, mandatory training designed to inculcate best practices and boost awareness of social engineering techniques, such as spear-phishing.
Construction is a complex undertaking that brings together many different participants, from engineers and architects to welders and laborers. Protecting assets and data in such a fluid environment is no easy task. As the industry becomes more technology-saturated, it will require a new breed of construction manager – one who is as much at home in the digital domain as on the physical construction site.
The need for a new generation of cyber-savvy construction managers is one of the driving forces behind Capitol Technology University’s program in construction management and critical infrastructure.