GCHQ’s National Cyber Security Centre (NCSC) and the Chartered Institute of Building (CIOB) have published the first-ever cyber security guidance aimed at the UK construction industry.
The Cyber Security for Construction Businesses guide offers practical advice for the industry on how to protect its businesses and building projects.
Construction businesses of all sizes continue to be targets for cyber attackers due to the sensitive data they hold and high-value payments they handle.
The guide offers practical advice for each stage of construction, from design to handover, and sets out the common cyber threats the industry faces, including ransomware and supply chain attacks.
The guidance is aimed at small and medium-sized firms as businesses rely more on digital tools and ways of working, such as using 3D modelling packages, GPS equipment and business management software.
Building ‘overall resilience’
Sarah Lyons, NCSC deputy director for Economy and Society Engagement, said: “As construction firms adopt more digital ways of working, it’s vital to put protective measures in place to stay safe online – in the same way you’d wear a hard hat on site.
“That’s why we’ve launched the new Cyber Security for Construction Businesses guide to advise small and medium-sized businesses on how to keep their projects, data and devices secure.
“By following the recommended steps, businesses can significantly reduce their chances of falling victim to a cyber attack and build strong foundations for their overall resilience.”
Construction Minister Lee Rowley said: “This guide provides firms with easy to follow, practical advice to improve resilience to online threats, which will help to ensure projects are delivered on time and securely.”
Caroline Gumble, chief executive of the CIOB, added: “The consequences of poor cyber security should not be underestimated.
“They can have a devastating impact on financial margins, the construction programme, business reputation, supply chain relationships, the built asset itself and, worst of all, people’s health and wellbeing. As such, managing data and digital communications channels is more important than ever.”
The new guidance is split into two parts: the first aimed at helping business owners and managers understand why cyber security matters, and the second aimed at advising staff responsible for IT equipment and services within construction companies on actions to take.
Read next: Moulton College invites innovators to Construction Future Skills Event
Are you a building professional? Sign up for a FREE MEMBERSHIP to upload news stories, post job vacancies, and connect with colleagues on our secure social feed.
