In its recent Cybersecurity Strategy, the U.S. Department of Homeland Security (DHS) defined “cyberspace” as “the independent network of information technology infrastructure, including the Internet, telecommunications networks, computers, information and communications systems, and embedded processors and controllers.” To DHS, protecting cyberspace includes threats against “federal and nonfederal information systems.” In other words, both private and public interests are at risk. In his 2018 National Defense Strategy, U.S. Department of Defense Secretary, Jim Mattis, essentially concurred in declaring cyberspace a “warfighting domain” and promising to “invest in cyber defense, resilience, and the continued integration of cyber capabilities into the full spectrum of military operations.”

The construction industry is a key player in cybersecurity because contractors, designers and owners are responsible for building and delivering projects providing critical public services like national defense, health care, law enforcement, transportation, and utilities. Like any business reckoning with risks in cyberspace, moreover, everyone on a construction project has valuable data and confidentialities to protect. Cyber breaches on a project may also compromise electrical power, physical safety and, inevitably, a lot more than the critical path schedule and profit margins. Cybersecurity insurance is not very affordable or comprehensive, either, and it usually excludes any property damage or bodily injury resulting from a cyber event.