MANAGEMENT By Tracy Bennett
Cyber Security in Construction Growing Threats and Smart Strategies
One of the liveliest sessions at SEAA’s 2025 Convention featured experts on cyber risk. Satyam Verma of Egnyte is pictured.
A
s the construction industry rapidly embraces digital transformation, it also faces a mounting threat: cybercrime. A recent cybersecurity panel brought together experts Satyam Verma, Construction Practice Leader at Egnyte, and Keith Tagliaferri, Director of Cyber Claims Practices at The Hartford, to explore how businesses in architecture, engineering, and construction (AEC) can defend themselves against today’s digital risks.
Explosive Data Growth—and Risk Construction firms now manage an overwhelming amount of data. “The average AEC firm used to handle around three terabytes of data. Today, that Tracy Bennett is Editor of Connector and President of Mighty Mo Media Partners
18 | THE STEEL ERECTORS ASSOCIATION OF AMERICA
number has grown to 24 terabytes,” said Verma. “With this exponential growth in data, we are leaving ourselves greatly exposed without the right internal policies, external partnerships, and security measures in place.” Verma explained that this explosion of cloud tools, often 15 to 600 apps in a single tech stack, has introduced countless vulnerabilities. “There are 600 potential locations where intellectual property and private data may be sitting in open-access repositories, even from projects that ended a decade ago.”
The Cyberattack Landscape Keith Tagliaferri, whose team at The Hartford processes cyber insurance claims at the organization, categorized the most common and devastating types of cyberattacks:
1. Business Email Compromise (BEC) These scams trick employees into wiring money to fraudulent accounts. “They’re the most frequent,” said Tagliaferri, “but not the most severe, typically costing $30,000 to $200,000 per incident.” 2. Ransomware Attackers encrypt entire systems and demand ransoms, often in the millions. “The industry sees million-dollar ransomware attacks every day,” Tagliaferri noted. “The first question claims and incident response experts ask is: do you have backups? If the answer is no, we all know which route we’re headed down, and it’s typically not good.” 3. Data Breaches These continue to be prevalent and highly damaging, with costs varying depending on the type of data accessed and compliance obligations involved.