Zurich Insurance
126 Hagley Rd Birmingham, West Midlands, B16 9PF +44 121 456 1999
+44 121 456 1999
  • About Zurich

    Zurich is a leading multi-line insurance provider with a global network that spans more than 170 countries. Working closely with customers and brokers alike, Zurich is proud to offer a spectrum of life insurance and services and general insurance to personal lines, SME, mid-market and global corporate customers.  When it comes to brokers, Zurich is not only focused on offering the best products but practical expertise, tools and knowledge that they can pass on to their clients too. Our key online resource and newsletter Insider allows UK brokers to enjoy free access to the latest expertise, thoughts and opinions on the insurance industry.

    Simply register online to start getting the latest industry insights from Zurich’s Insider newsletter and information hub> www.insider.zurich.co.uk

    For more information on Zurich’s products and services please visit www.zurich.co.uk/broker

Is it time for the construction industry to re-think cyber risk?


At a glance

  • The construction industry’s reliance on technology has changed significantly over the last decade
  • Should the construction sector re-think the seemingly intangible risk of Cyber?
  • In her blog Bernadette Hackett, Head of the Global Construction Industry Community at Zurich looks to answer this question

Cyber risk probably isn’t a major concern for many construction sector organizations. After all, the industry’s focus is on physical work with tangible assets, and digital activity is fairly minimal and unlikely to attract cyber criminals – isn’t it?

So, why should the construction sector re-think this seemingly intangible risk?

Reliance on technology

The industry’s reliance on technology has changed significantly over the last decade, and there has been a massive adoption in terms of wider project delivery and how organizations operate.

From office operations to activities on-site, technologies such as cloud storage, email and smartphones are commonplace. Digital tools, such as Building Information Modelling (BIM), are also permeating all aspects of the design stage, along with technology such as 3D-printing, remote building monitoring systems, brick-laying robots and other automated techniques.

While the nature of adoption might be different from other industries, today’s construction sector organizations are unquestionably operating in a modern, digitized and connected way.

But, as the industry progressively embraces new technologies it cannot afford to ignore the corresponding risks. If unmanaged, cyber risk ultimately threatens to outweigh the benefits gained from continued technological advances.

An attractive target

The cyber-attacks that make headlines typically concern breaches of personal data, such as login credentials or credit card information. As the industry doesn’t regularly deal in such information, there is a common misconception that it is not a likely target for cyber criminals.

But unfortunately, this is not the case. The industry presents a wide-range of attractive opportunities for cyber criminals. From controlling critical services, to the theft of trade secrets, there are many reasons that a construction sector organization could fall victim to cyber-crime.

Just 33% of cyber incidents are ever reported, according to research by the Online Trust Alliance. And while the construction sector may experience cyber-crime, unless a breach conforms to strict reporting requirements, the majority will not be publicized. This lack of knowledge-sharing can lead to underestimates of the true nature and scale of cyber exposures. If the industry is unaware of common vulnerabilities, it presents low-hanging fruit for cyber criminals.

Cost to the business

The average cost of a data breach currently sits at USD 3.62m, according to research by IBM and the Poneman Institute.

Imagine, for example, that your entire library of CAD drawings was encrypted and ransomed, or simply deleted. What would it cost to recommission and replace them all? Then, add the wide range of associated business interruption costs, such as delays to on-going projects and employee overtime. You then begin to see the true impact of a potential cyber incident.

Tackling cyber risk

While businesses may be reluctant to allocate additional resources, in today’s environment, cyber is an essential strategic risk for everyone to understand and manage – not just a matter for your IT department or provider. IT professionals are primarily focussed on network functionality, whereas cyber risk is a much broader issue, ranging from how you deal with third parties to the actions of workers on site.

It is always recommended to seek advice from an independent third party. IT providers can sometimes be biased towards the technologies and services that they deal in. Seeking impartial advice will ensure that you take the best course of action for your particular needs.

Zurich’s expert Risk Engineers are here to offer candid, unbiased assistance on cyber risk and wide variety of other topics. Many of our Risk Engineers have previously worked in the construction sector and its associated trades, offering unrivalled insight into your activities and the challenges you face.

Latest video

Zurich UK CEO Tulsi Naidu talks about their 2018 financial results

Watch CEO Tulsi Naidu talking about Zurich Insurance Group's 2018 UK financial results.If you would like to view the full results CLICK HERE click here for more