Advertisement

Advertisement

Survey Finds Some Contractors Falling Short of Good Cyber Hygiene Practices

By Katie Kuehner-Hebert | Oct 29, 2024
cybersecurity, security, cyber risk, cyber threats

While most construction company executives know they should protect their systems from cyberthreats, a great deal are falling short, according to the 2024 Travelers Risk Index report.

Advertisement

Advertisement

Advertisement

While most construction company executives know they should protect their systems from cyberthreats, a great deal are falling short, according to the 2024 Travelers Risk Index report.

Contractors responding to the annual survey by New York City-based insurance firm Travelers listed their top three cyber concerns as unauthorized access to their company’s financial accounts, failure to operate their company due to cyber events and a security breach by hackers. A sizable majority (80%) believe that having proper cybersecurity controls in place is critical.

However, 70% of contractors admit their company does not use endpoint detection and response tools, 70% do not have a post-breach team, 56% do not have an incident response plan, 50% lack cyber insurance and 45% do not use multifactor authentication for remote access.

In its annual survey, Travelers polled 1,200 business leaders across several industry sectors about the issues that worry them most, and cyberthreats ranked as the top concern¾the fourth time in six years.

A record number (62%) of respondents say they worry some or a great deal about cyber risks. Other primary concerns include medical cost inflation (59%), which topped the list last year; increasing employee benefits costs (59%); broad economic uncertainty (59%); and the ability to attract and retain talent (54%).

“The findings speak to the business community’s greater awareness of cyber threats and the catastrophic damage, both operational and financial, a cyberattack can have on a company,” said Tim Francis, Travelers’ vice president, enterprise cyber lead, in a September 2024 press release. “What’s troubling is that while more businesses are securing cyber insurance as a tool to mitigate vulnerabilities, many still elect not to¾despite knowing the risks.”

Contractors aren’t the only ones falling short: nearly 30% of all respondents across industries say their company does not have a cyber insurance policy, though the percentage of those who do has steadily increased since Travelers first conducted the risk survey in 2014. This year, 65% of respondents have a policy, up from 60% in 2023, and considerably higher than in 2018, when only 39% said they had a cyber insurance policy.

The year-over-year increase was seen across businesses of all sizes: small businesses jumped to 41% from 34%, mid-sized companies increased to 77% from 74% and large businesses rose to 78% from 72%.

This could be due to more companies across industries experiencing cyber events, according to the survey results. A quarter (24%) of respondents suffered a cyber incident, and the percentage of companies reporting such events has steadily increased in nearly every year the survey has been conducted.

In a separate Travelers blog post, Francis recommends that companies

adopt a culture in which everyone within the organization constantly strives to protect systems, privacy and sensitive data.

In addition to implementing multifactor authentication, endpoint detection and response tools, companies should also keep systems up to date, routinely back up their data and develop an incident response plan.

“Make good cyber hygiene part of your plan,” he said. “Maintaining awareness and control of your IT assets is key.”

About The Author

KUEHNER-HEBERT is a freelance writer based in Running Springs, Calif. She has more than three decades of journalism experience. Reach her at [email protected].  

Advertisement

Advertisement

Advertisement

Advertisement

featured Video

;

New from Lutron: Lumaris tape light

Want an easier way to do tunable white tape light?

Advertisement

Related Articles

Advertisement