Intelligent CISO Issue 41 | Page 46

industry unlocked
– additional IT costs in the form of forensics and remediation, legal bills, lost client confidence and damaged competitiveness. If IoT or robotic equipment is sabotaged, it may even lead to physical injury for on-site workers.
Building back better
These challenges and risks are not lost on construction sector CISOs. So what does best practice look like in this space? A lot will depend on the organisation’s risk appetite, the type of work it does and what kind of data and assets it owns.
However, the first step towards a comprehensive risk-based cybersecurity strategy starts with visibility: understanding what those assets are and where they’re located. Then you can start to apply the appropriate policies and controls. These should be updated to take account of the new hybrid workplace that is beginning to emerge as the pandemic recedes.
Supply chain risk is particularly acute in construction. That makes it vital to regularly and comprehensively audit any third parties and ensure they follow the same high standards of security.
Zero Trust is becoming a popular option for mitigating breach risks in an increasingly distributed and fluid IT environment. That means focusing on risk-based authentication, network segmentation, endpoint security and other controls. No organisation today can claim to be 100% secure. That’s why rapid threat detection and response via an XDR platform is another key piece of the puzzle.
Above all, never forget that cybersecurity ultimately comes down to the people. That makes regular training and awareness raising among staff and contractors essential. Turning that human-shaped weak link into an effective first line of defence could make all the difference.