Digital transformation offers big opportunities for construction companies to keep projects on time and on budget, ultimately improving efficiencies and the bottomline. But with it comes a unique set of challenges, one of which is the need for greater security. And the construction industry has some greater risk than others.
The trends related to cybersecurity in construction are vast, and ABI Research touched on a few of them in its The State of Cyber & Digital Security Report. The report points to multiple in-depth trends to watch including citizen digital identities, new cybersecurity applications, digital payment technologies, industrial cybersecurity, telco cybersecurity, and general IoT (Internet of Things) cybersecurity.
One of the big trends mentioned in the report is the unique complexity that comes along with a distributed working environment—something brought on for many industries by the pandemic and the impact of a remote work environment. But as we all know construction has long had a distributed working environment before COVID-19 was a household phrase, due to the nature of its work.
Here’s the challenge with a distributed work environment. It impacts both workers and assets—IT (information technology), OT (operations technology), and the IoT. With this, secure connectivity and identity management become priorities in disparate and heterogenous networks. This has been driving greater demand for hardware security. The solution is to adopt email and network security tools.
ABI Research recommends in the report, “From a cost perspective, security software alternatives will be used instead of actual appliances. But in the case of regulated or safety-critical sites, the smaller form factors will be required (modem-sized appliances or USB-type form factors). For semiconductors specifically, they will need to determine the demand for secure hardware by closely following application demand; e.g. secure key storage for identities or secure execution environments for crypto acceleration, etc.”
As we all know cybersecurity is complex. Supply chains and industries make this even more complex because there are multiple players all connecting different systems to share information. The challenge becomes that one weak link can open a door to a threat actor to get in.
This is precisely the conversation I was having with Richard Wunderlich, executive business development lead for cyber research and smart infrastructure, Siemens. “Most guys will say I bought this from a reputable vendor, and it is very secure, and I bought this from a reputable vendor, and it is very secure, and I put the two of them together to do something. The security of the individual pieces doesn’t turn into the security of the system.”
Perhaps the biggest challenge here really is the cost of cybersecurity and making this affordable for small and medium businesses. Often for the smaller companies it is more effective to shut the company down and go bankrupt and then relaunch under a new name.
“Some people say I will do cyber insurance … but the reality is the insurance guys have figured out how they will never pay. The deductibles are like $20 million, and they will just go through the incident. You aren’t going to have the insurance support, so you are just going to wrap the business up and go bankrupt,” Wunderlich explains. To help, Siemens is trying to enable more cost-effective cyber solutions that can be implemented in smaller organizations to enable secure supply chains.
The harsh reality is that in construction you are only as strong as the weakest player on your construction jobsite. So, the question now becomes not only how you are securing your business, but how are others around you are securing their business as well.
The conclusion we came to at the Siemens event is that is where the charter of trust comes in to enable their supply chains and secure their supply chains to get scale in the marketplace or ecosystem.
At the end of the day, Wunderlich says, “My view is cybersecurity awareness literacy is the job of all of us. We all need to be active, vigilant, and aware and progressive wherever possible. That is the only way security by design will come to life.” There is no question Wunderlich is forcing us to be more vigilant in a time when the bad guys are just waiting for us to take our eye off the proverbial ball.
Want to tweet about this article? Use hashtags #construction #IoT #sustainability #AI #5G #cloud #edge #futureofwork #infrastructure