BUSINESS
data, including personally identifiable information
and proprietary corporate assets.
This audit should determine who has access
to such information and critical systems
and take stock of existing capabilities for
monitoring inappropriate system access and
potential security events.
Once completed, businesses should
develop formal, written policies regarding
the use of corporate networks, and ensure
that access to sensitive data is restricted
only to parties that require it. Organizations
should also:
•• Encrypt or otherwise secure critical
technologies: Laptops, smartphones,
tablets and portable media devices –
along with emerging technologies that
are often present on construction sites,
such as wearable devices – can present
significant data security threats if lost,
stolen or hacked.
•• Train employees and others on how
to identify, avoid and report potentially
malicious activity on corporate
networks: The construction industry
is heavily decentralized and involves a
number of stakeholders. Without thorough
and regular training and buy-in
from all personnel, even the most robust
Centrally located in
St. Louis, MO, the
complete line of
MKT Pile Driving and
Drilling Equipment has
been providing quality,
U.S.-made products to
contractors throughout
the nation since 1986.
EQUIPMENT
• Excavator Mount – Side Clamp
Vibratory Drivers / Extractors
• Excavator Lead Systems
• Crane Hung Hydraulic Vibratory
Drivers / Extractors
• Hydraulic Auger Systems
• Custom Design and Fabrication
approximately €250 million in sales and
€80 million in operating income as a
result of nearly one month of downtime
following the NotPetya attack.
•• Theft, loss or unauthorized disclosure
of corporate personal information:
While they are not likely to collect and
hold as much data as retailers or other
businesses, construction companies have
been targeted for their financial assets and
the information they retain about employees.
In 2014, for example, a multinational
engineering company suffered a breach of
approximately 52,000 employees’ names,
addresses, social security numbers and
personal bank account information. The
costs stemming from such data breaches
are often high and can be complicated by
rigorous data privacy laws that exist in
many jurisdictions.
•• Theft of proprietary corporate assets:
This could include privileged contracts,
confidential project/bid data, architectural
designs (including security designs)
and intellectual property. In 2013, a prime
contractor’s computers were breached by
hackers tied back to a foreign government;
floor plans, communication cable
layouts, server locations and security
Come see us!AT Booth #92219
system designs for a government building
project were stolen.
•• Theft of customer information
•• Access to personal information on
other organizations’ servers: A 2014
data breach of a retailer’s systems, for
example, was traced back to credentials
stolen from an HVAC contractor via a
phishing scam perpetrated against an
employee of the contractor.
•• Theft or other damage by disgruntled
employees, subcontractors, vendors
or competitors
Health care organizations, financial
institutions, retailers and public entities
have long considered cyber risk among
their most critical exposures, but the same
is not true of the construction industry.
Relatively few contractors have thoroughly
identified and quantified their cyber exposures
or developed plans to mitigate and/or
transfer that particular risk.
Risk assessment and prevention
The first step in managing cyber risk is to
identify sources of potential risk. Contractors
should conduct audits that gauge employee
access to and use of critical and sensitive
(314) 388-2254 (800) 325-8001 www.MKTpileman.com 1198 Pershall Road, St. Louis, MO 63137
www.piledrivers.org PILEDRIVER | 93
/www.MKTpileman.com
/www.piledrivers.org