• Post published:30 September 2024
  • Post category:NIS2
  • Reading time:5 mins read

Luxembourg is attracting new citizens every day. Over the last 30 years, the population in Luxembourg has grown by 74% and by 25.7% since 2001, making it the country with the highest population growth in Europe. This fact alone gives an idea of ​​the pressure on housing availability, and in this context, the construction sector has played an essential role in ultimately making this availability viable. Although there are very few regulations regarding information security that must be complied with and therefore it is not at the top of the sector’s priorities, it is also true that a cyber attack can affect the activities of companies in the industry and thus generate financial losses, not to mention the losses of citizens due to delays in housing availability.

Some of the risks that companies in the sector face daily are:

  • Loss or deterioration of critical and/or confidential information.
  • Data leak.
  • Interruption of activities.
  • Damage to materials or physical assets..

These risks can materialize in potentially severe ways:

a) Machinery and Equipment Connected to Technological Systems (IoT and Automation).

  • Physical resources: Heavy machinery (cranes, excavators, trucks, etc.) are increasingly connected through Internet of Things (IoT) systems, which allows remote control, predictive maintenance and optimization of their performance.
  • Human resources: Specialized operators and technicians use digital control systems, tablets and software to monitor and control this equipment.
  • Technological resources: IoT telemetry and sensor systems collect real-time data and send it to a central platform where operations are monitored.
  • Cybersecurity: These systems demand protection from unauthorized access, as an attacker who compromises IoT systems or machine control software can disable or manipulate critical equipment, affecting project execution. This can cause damage to equipment or endanger workers if machines operate erratically. Example: An attack on the systems that control cranes or excavators can lead to workplace accidents or damage to infrastructure..

b) Building Information Modeling (BIM) and Project Management.

  • Physical resources: Construction designs and plans that directly affect physical works are made through digital platforms.
  • Human resources: Engineers, architects and project managers collaborate in real time using BIM software, which facilitates coordination between different areas and improves efficiency.
  • Technological resources: BIM software and project management systems (ERP) allow the creation of 3D simulations and the management of all aspects of a project, from design to logistics.
  • Cybersecurity: A cyber attack can compromise the accuracy of construction plans, which could result in design errors, delays and financial losses. If hackers gain access to project planning systems, they could modify schedules, budgets or inventory data, which destabilizes progress and resource management. In addition, the theft of confidential information can lead to legal problems or unfair competition.

c) Human Resource Management and Workplace Safety: A crucial aspect of construction company operations.

  • Physical resources: Security cameras, access systems, and ID cards control the entry and exit of personnel at construction sites.
  • Human resources: Workers and administrative staff use biometric identification systems or electronic cards to access restricted areas.
  • Technological resources: Access control systems and personnel management software digitize personnel operations.
  • Cybersecurity: An attack targeting human resource management systems can:
  • compromise identification systems and allow unauthorized access to restricted areas, endangering the physical security of employees and the project.
  • ead to the theft of employees’s data, such as financial or identification information. Those data can be used to commit fraud or blackmail.

In addition, construction companies handle sensitive information, such as plans, budgets, and client data. A cyberattack could result in the theft of this information, affecting competitiveness and customer confidence.

In summary, cybersecurity is not just about protecting the information and systems of construction companies. It is a critical factor in their long-term success and sustainability.