November 12, 2024
Cybersecurity Compliance Essentials for Construction Firms

Cybersecurity Compliance Essentials for Construction Firms

In construction, cybersecurity is more than a tech concern—it’s essential for protecting your business, data, and clients. With sensitive project details, employee information, and financial data on the line, a single breach can lead to severe financial and legal consequences. By prioritizing cybersecurity compliance, you safeguard vital data while fulfilling

Read More »
Latest Issue
Issue 322 : Nov 2024

November 12, 2024

Homebuilder Lovell raises £12,000 for north-east homelessness charity with successful golf day

Homebuilder Lovell has raised more than £12,000 for a homelessness charity by holding a fundraising golf day. The event was held on Thursday 5 September at Ramside Hall in Carrville, County Durham, in aid of Oasis Community Housing which helps homeless people and works to prevent homelessness across the north east and south east of England. The north east region of Lovell became a partner sponsor of the charity last year. Phil Jones, Head of Land and Partnerships for Lovell, said: “Oasis Community Housing does incredible work in this region and beyond to help people who are at risk of or enduring homelessness.  There are many reasons why people find themselves facing such a terrible situation and this incredibly worthwhile organisation is there to help. “We are happy to support Oasis Community Housing again this year and our golf event was an especially fun way to do it. There were a range of activities, and it was a great chance for our staff and suppliers to get together. “We are glad to have raised thousands for the cause with our successful golf event and we know that the money will be put to very good use.” Oasis Community Housing has been running for 40 years. Over the past year it has supported more than 1,300 people. More than 230 individuals and families were housed in its Home 24/7 supported accommodation, while its Basis drop-ins provided 1,245 hot showers and helped people rough sleeping or in housing crises on 5,278 occasions. And 87 per cent of women helped by its Empower domestic abuse team said they felt safer afterwards. The golf day raised £12,115 including £8,500 in booking fees alone. The event was booked up in advance and attracted 88 players who made up 22 teams. Those attending included representatives from Lovell and Oasis Community Housing, contractors and suppliers from the construction industry as well as guests and partners. The day included a Stableford competition as well as prizes for closest to the pin, longest drive and putting. A ‘beat the pro’ challenge had a prize of a Mini for the weekend. Presentations took place at the end of the day alongside a barbecue. Extra funds were raised for the cause with a raffle featuring a range of prizes including golf vouchers for courses across the north east. Last year the north east region of Lovell raised over £15,000 for Oasis Community Housing and its 2023 golf day contributed more than £10,000 of that total. Building, Design & Construction Magazine | The Choice of Industry Professionals

Read More »
Cybersecurity Compliance Essentials for Construction Firms

Cybersecurity Compliance Essentials for Construction Firms

In construction, cybersecurity is more than a tech concern—it’s essential for protecting your business, data, and clients. With sensitive project details, employee information, and financial data on the line, a single breach can lead to severe financial and legal consequences. By prioritizing cybersecurity compliance, you safeguard vital data while fulfilling legal and contractual obligations that keep your firm competitive and trustworthy in the digital age. Identifying Compliance Standards Several cybersecurity standards might apply to your firm, depending on your projects and clients. Key standards to be aware of include: Each of these cybersecurity compliance standards provides a framework, but the requirements may vary. For guidance specific to Oregon’s construction sector, check out fixedfeeit.com in Portland or other trusted resources to help determine which standards apply and how to implement them effectively. Conducting a Risk Assessment A thorough risk assessment helps you identify where your firm’s cybersecurity vulnerabilities lie. Begin by listing all digital assets—computers, smartphones, servers, and any other devices connected to your network, including those used on job sites. Then, consider potential threats, both internal (like employee mistakes) and external (such as cyberattacks). This inventory highlights weak spots in your network. Next, assess each vulnerability’s potential impact on your operations, finances, and reputation. For instance, outdated software and weak passwords might leave doors open to attacks. Understanding these risks gives you a roadmap for addressing your firm’s most urgent needs, helping you allocate resources effectively and prioritize security improvements where they’re needed most. Creating a Cybersecurity Policy A clear, comprehensive cybersecurity policy is the backbone of compliance. Your policy should outline the procedures and protocols for handling sensitive information and respond to security incidents. Here are the key elements to include: This policy should be regularly updated, accessible, and reinforced through mandatory training. Training Your Workforce Human error is a common cause of security breaches, making employee training crucial to cybersecurity. Educate your team on key compliance practices, including recognizing phishing attempts, securing passwords, managing job site devices, and following incident reporting protocols. Emphasize practical skills, like avoiding public Wi-Fi on construction sites and securing personal or company-issued devices used for work. Regular training sessions, along with mock phishing tests, ensure employees understand and follow these protocols. By reinforcing these responsibilities, your workforce becomes a vital part of your cybersecurity defense, especially given the field-based nature of construction work. Using Secure Technologies Technology choices play a big role in cybersecurity compliance. From secure cloud storage to encrypted communication tools, selecting the right technologies helps you stay compliant and protect sensitive project data. Essential tools and practices to consider include: These technologies provide foundational security, making it harder for attackers to infiltrate your systems. Documenting Compliance Efforts Documenting cybersecurity activities shows your commitment to compliance and safeguards your firm in case of an audit. Keep a record of risk assessments, policy updates, training sessions, and incidents to provide a clear trail for verifying compliance. Regular updates to these records are essential. Summaries of assessments, policy changes, and incident responses demonstrate that your firm actively prioritizes cybersecurity. This documentation is invaluable for both internal reviews and external audits, especially when overseeing multiple job sites or contracts. Regularly Reviewing and Updating Security Measures Cyber threats evolve, and so should your security practices. Regularly review your cybersecurity measures to ensure they align with current threats and compliance requirements. Schedule annual risk assessments and update your cybersecurity policy as needed. Staying proactive helps you catch potential vulnerabilities before they become issues. Additionally, keep an eye on updates to compliance standards. As regulations change, your firm needs to adjust to remain compliant. This approach saves you the headache of scrambling to meet new requirements at the last minute. Final Thoughts Cybersecurity compliance is a vital aspect of running a modern construction firm. By understanding applicable standards, conducting regular assessments, implementing strong policies, and training your workforce, you can create a resilient defense against cyber threats. Compliance isn’t just about meeting regulations; it’s about protecting your business and the people you serve. By staying proactive and diligent, you’re investing in a secure future for your firm and your clients.

Read More »