How can you protect your company from cybersecurity threats?

The 2021 Data Breach Outlook Study by Kroll, a risk consulting firm, shows the number of data breaches in the construction industry increased 800% from 2019 to 2020, according to www.forconstructionpros.com.

In recent years, the increase of new technologies and connections on job sites has made companies vulnerable to cyberattacks. At least 43% of those surveyed for the study said they believed they were ill-prepared for a breach.

Brian Lapidus, global practice leader for Kroll’s Identity Theft and Breach Notification practice, provides the following tips to help contractors keep their businesses safe.

1. Have a cyber expert and an attorney on file so you know who to call when a problem arises.
2. Practice your company’s response to a cyber threat the way schoolchildren and some businesses practice fire drills. For example, training exercises can include how to react to suspicious emails.
3. Renew training periodically to improve employee response to potential threats.
4. Before a cyber breach occurs, be sure you know where your company’s data—employee data, customer data, security data, proprietary data—is kept.
5. Ensure someone on your team stays current regarding cybersecurity threats and technology.
6. Encrypting data is a best practice within the cybersecurity industry, but it is not enough to protect a company. Lapidus recommends using a virtual private network as an additional layer of security.
7. Monitor your networks to ensure all entry points are protected. It also helps inform a company about whether the network has been infiltrated by a cyber intruder.
8. When contractors pay subcontractors and vendors, large amounts of money exchange hands. Your company needs to be sure those wire transfers are secure and safe from cyber threats; for example, you can provide wire instructions and then force a phone call for a password or specific digits.
9. Appoint someone at your company to oversee cybersecurity information and make decisions.
10. If your company experiences a cybersecurity breach, it is important to communicate with and protect employees from any potential risk. Be cognizant of the effects a breach of data would have on your employees.