UK: NCSC and Chartered Institute of Building release guidance on cybersecurity of construction businesses



24 2022

UK: NCSC and Chartered Institute of Building release guidance on cybersecurity of construction businesses

New guidance, issued by the NCSC and the Chartered Institute of Building, is designed to help small and medium-sized construction businesses.

View 1.5K

word 826 read time 4 minutes, 7 Seconds

The National Cyber Security Centre ('NCSC') published, on 23 February 2022, in partnership with the Chartered Institute of Building, a guide for Cyber Security for Construction Businesses, which provides guidance for small and medium sized businesses working in the construction industry and its wider supply chain on protecting against cyber threats at each stage of construction. In particular, the guide lays out guidance on the design, construction, and handover stage for business owners and managers, as well as practical guidance for staff responsible for IT, in light of recent high profile cyber attacks against the construction industry. Furthermore, the guide explains common cyber threats faced by the industry, including spear-phishing, ransomware, and supply chain attacks.

  • First-ever cyber security guidance aimed at UK construction industry issued by GCHQ’s National Cyber Security Centre
  • Due to online threats facing the sector, the NCSC advises firms that cyber security measures are as vital as wearing a hard hat on site
  • Guidance has been launched in association with the Chartered Institute of Building and is aimed at small and medium-sized construction businesses

CONSTRUCTION businesses are being offered first-of-its-kind cyber security guidance from UK experts (Wednesday) to help build up their resilience to online threats.

The new Cyber Security for Construction Businesses guide from the National Cyber Security Centre (NCSC) – a part of GCHQ – provides tailored, practical advice for the industry on how to protect their businesses and building projects.

The guidance, launched with the Chartered Institute of Building (CIOB), is aimed at small and medium-sized firms as businesses rely more on digital tools and ways of working, such as using 3D modelling packages, GPS equipment and business management software.

Construction businesses of all sizes continue to be targets for cyber attackers due to the sensitive data they hold and high-value payments they handle.

The guide offers practical advice for each stage of construction, from design to handover, and sets out the common cyber threats the industry faces, including from spear-phishing, ransomware and supply chain attacks.

Sarah Lyons, NCSC Deputy Director for Economy and Society Engagement, said:

  • “As construction firms adopt more digital ways of working, it’s vital to put protective measures in place to stay safe online – in the same way you’d wear a hard hat on site.
  • “That’s why we’ve launched the new Cyber Security for Construction Businesses guide to advise small and medium-sized businesses on how to keep their projects, data and devices secure.
  • “By following the recommended steps, businesses can significantly reduce their chances of falling victim to a cyber attack and build strong foundations for their overall resilience.”

Construction Minister Lee Rowley MP said:

  • “Data and digital technology is helping to make the construction industry more productive, competitive and sustainable. However, with this new technology comes threats that businesses must be wary of and take action to defend themselves from.
  • “This guide provides firms with easy to follow, practical advice to improve resilience to online threats, which will help to ensure projects are delivered on time and securely.”

Caroline Gumble, Chief Executive of the Chartered Institute of Building, said:

“The consequences of poor cyber security should not be underestimated. They can have a devastating impact on financial margins, the construction programme, business reputation, supply chain relationships, the built asset itself and, worst of all, people’s health and wellbeing. As such, managing data and digital communications channels is more important than ever.

“This guide provides a timely opportunity to focus on the risks presented by cyber crime, something that has been highlighted by CIOB for some time. We’re now delighted to partner with the National Cyber Security Centre (NCSC) and the Centre for the Protection of National Infrastructure (CPNI) to produce another invaluable resource.”

The new guidance is split into two parts: the first aimed at helping business owners and managers understand why cyber security matters, and the second aimed at advising staff responsible for IT equipment and services within construction companies on actions to take.

The advice outlines seven steps for boosting resilience, covering topics including creating strong passwords; backing up devices; how to avoid phishing attacks; collaborating with partners and suppliers; and preparing for and responding to incidents.

The majority of businesses in the construction industry fall under the small and medium-sized categories.

Last year, #chapter-5-incidence-and-impact-of-breaches-or-attacks" target="_blank">a survey by the Department for Digital, Culture, Media and Sport of all types of businesses found more than a third of micro (37%) and small businesses (39%) reported falling victim to a cyber security breach or cyber attack in the previous year, with this increasing to 65% for medium-sized businesses.

The NCSC is committed to helping UK organisations of all sizes improve their cyber resilience and has a published a range of guidance on how to defend against online threats on its website.

For smaller construction businesses without dedicated IT staff, the NCSC’s Small Business Guide offers further affordable, practical advice on how to stay secure online, while larger organisations can find guidance in the 10 Steps to Cyber Security collection.

source National Cyber Security Centre

Source by Redazione

LSNN is an independent editor which relies on reader support. We disclose the reality of the facts, after careful observations of the contents rigorously taken from direct sources, we work in the direction of freedom of expression and for human rights , in an oppressed society that struggles more and more in differentiating. Collecting contributions allows us to continue giving reliable information that takes many hours of work. LSNN is in continuous development and offers its own platform, to give space to authors, who fully exploit its potential. Your help is also needed now more than ever!

In a world, where disinformation is the main strategy, adopted to be able to act sometimes to the detriment of human rights by increasingly reducing freedom of expression , You can make a difference by helping us to keep disclosure alive. This project was born in June 1999 and has become a real mission, which we carry out with dedication and always independently "this is a fact: we have never made use of funds or contributions of any kind, we have always self-financed every single operation and dissemination project ". Give your hard-earned cash to sites or channels that change flags every time the wind blows , LSNN is proof that you don't change flags you were born for! We have seen the birth of realities that die after a few months at most after two years. Those who continue in the nurturing reality of which there is no history, in some way contribute in taking more and more freedom of expression from people who, like You , have decided and want to live in a more ethical world, in which existing is not a right to be conquered, L or it is because you already exist and were born with these rights! The ability to distinguish and decide intelligently is a fact, which allows us to continue . An important fact is the time that «LSNN takes» and it is remarkable! Countless hours in source research and control, development, security, public relations, is the foundation of our basic and day-to-day tasks. We do not schedule releases and publications, everything happens spontaneously and at all hours of the day or night, in the instant in which the single author or whoever writes or curates the contents makes them public. LSNN has made this popular project pure love, in the direction of the right of expression and always on the side of human rights. Thanks, contribute now click here this is the wallet to contribute

Similar Articles / UK: NCSC...usinesses
from: rockitalia
by: Rockitalia