Cybercrime attacks affect more and more companies. The numbers indicate fear expressed by significant corporations. Statista forecasts a $354 billion growth in the cyber security market by 2026. Researchers conclude that the construction, energy, and engineering spaces lie in the crosshairs.
Celso De Azevedo, a cyber specialist and barrister at 36 Commercial believes corporations plan to spend more because they recognize law enforcement's losing war against cybercrime.
"We are in the foothills of a revolution in cyber security. The future of cyber security is holistic, rather than as separate private versus government framework. Governments will eventually realise that there is no point in trying to punish corporations that do not adopt adequate cyber security measures after the event, where adequate standards remain unclear. International corporate governance frameworks which incorporate a robust kitemarking and certification regime for cyber security systems and providers must be developed at pace. Setting up this worldwide government-sponsored cyber security framework will be the greatest challenge for the next decade."
Why do cybercriminals target construction? Holes in small company security can break locks on prominent company protocols. For every large construction job worth millions or billions, dozens and sometimes hundreds of small subcontractors work on the project. If hackers can penetrate small companies while connecting to large companies' systems, they can circumvent expensive cyber security measures.
Cybercriminals exacerbate the problem for big and small companies by disrupting supply chains. Security experts say criminals can demand ransoms while rerouting ships or losing train cars.
De Azevedo concluded his remarks with, "Cyber risk is real, and organizations in the construction, energy, and engineering sectors really do feel that risk from all sides. As well as being targets, they are vulnerable through their supply chain. Therefore, the ability to remain vigilant and get ahead of the game and prevent (or mitigate) an incident from happening is considerably more efficient than a 'cure.' In the event of an attack it's important to take action quickly with legal and other Cyber professionals."