Blog Post
By April Falcon Doss

The Scope of the Threat. Five or ten years ago, the most widely recognized cybersecurity threats involved the risk of compromises of personally identifiable information (PII) such as Social Security numbers, payment card information, and the like.  The high-profile data breaches frequently involved retailers, health care providers, or other consumer-facing companies and industries.  Many of the warnings about cybersecurity threats focused on these kinds of risks, and state data breach laws in the U.S.

Blog Post
By Garry R. Boehlert and April Falcon Doss and Sunu M. Pillai

The Wall Street Journal recently reported that cyber-attacks by foreign governments into the nation’s electric grid are utilizing what it called "the system’s unprotected underbelly," the contractors and subcontractors that work for the utilities. According to the Journal’s reporting, a 15-person construction contractor in Salem, Oregon had fallen victim to a cyber attack, one that the Department of Homeland Security said was most likely carried out by a foreign government. 

Blog Post
By Sunu M. Pillai

Although some of the most high-profile cyberattacks have involved consumer-facing industry sectors – such as health care, retail and technology companies – recent experience has shown that construction companies and project owners are also prime targets. A data breach at a construction or owner company could expose a trove of information, including bid or design information, information on industrial control systems and other critical infrastructure, financial information and employee information.