#34 – Digital security…
Photo by Pixabay from Pexels.
As we increasingly rely on everything being digital, we must also appreciate the risks that are associated with the digital world and, most importantly, the impact of it being compromised. Recent press shows that the Bouygues Construction Group were the latest victim of a cyber-attack on their company network, and although they’re not the only one, a ransomware hit to a big Tier 1 contractor should bring this topic to the very forefront of our industry.
Currently, the entire industry is pushing digital. Companies and individuals are all at different levels of digital ‘maturity’, and some remain sceptical about digital progression, but I’m yet to hear anybody trying to go backwards – nobody is saying “let’s go back to paper”. The benefits of our continued digitisation are clear and therefore everybody is, at some level, on board with this progression. Digital tools and platforms continue to improve speed, accuracy, consistency, quality, collaboration and connectivity – just to name a few. Unfortunately, there must always be a negative. For every force or action in life there is an opposing force or reaction; in the world of all things digital those opposing forces are security, vulnerability and a lack of resilience.
Think for a few moments about the potential impact of a digital shutdown on your daily working life. Consider the real difficulties you and your company may endure as the result of a cyber-attack, with the company network being compromised affecting the following:
Basically, you’re left sitting at your desk with a PC that doesn’t really serve any purpose. What do you do now? We rely entirely on all of these digital services, once they’re taken away, we’re all totally stuck – there is no plan B, there is no resilience in our systems or processes for catastrophic failure.
There’s another issue too – data loss. If the shutdown of IT systems is the result of a malicious attack, what data has been lost? Does the company work on sensitive projects? Have company and/or employee personal details been taken? Names, addresses, bank details, passports, national insurance numbers…everything anybody needs to clone an identity and commit fraud. Unconfirmed reports circulating online state that this was the case in the Bouygues Construction attack, and of course there was a suspected ransom – €10 Million no less. I repeat that these claims are unconfirmed, but it’s not a stretch of the imagination to consider that this is the reality. So, what does the company do now? Ignore the ransom and allow an unknown type and quantity of company information to be leaked? Or pay the ransom and hope that a bunch of criminal hackers are ‘true to their word’? At this point in time, it’s a lose-lose situation.
With the company IT systems in a total shutdown, what happens next? Is anybody able to produce any work? Can construction activity continue? Will projects be forced into delay? What are the implications of those delays? It goes on, and on. The fallout from a digital security breach could be enormous – I’m certain that Bouygues Construction are still feeling that now. And still, none of us appear to have a plan B.
I’m certainly no digital security expert and therefore I do not know the answer to this question, but what do we do to mitigate these risks? Sure, all companies pay considerable sums of money to anti-virus companies for protection of their networks and all have IT teams monitoring daily activity, but this is only the preventative. A quick google shows that Bouygues Construction had invested in several supposedly ‘state of the art’ digital security systems, all of which have clearly failed. Once the preventative fails, where’s the contingency? How can a company ensure that works are unaffected, or at least less affected, by an IT shutdown?
It’s a serious question, and I do not envisage that it has a simple answer. Does anybody have any ideas? Are you/your company doing everything possible to mitigate these risks? Let us know in the comments, or email me to discuss privately.
Mr. Smith
smith@dbe.careers
The New Year felt a bit cold, but as we warm up towards the summer...…
This time last year... We told you that BIM Coordinators are increasingly sought after.…
The construction industry has been slow to adapt to change and adopt new ways of…
As the world turns ready for the New Year, we have put together our list…
Jamie Holt from Johnson BIM answers the question: "What makes a candidate successful at interview?"…
Since the July Salary guide, we’ve seen massive changes on global and domestic fronts and…