The local Portland, Oregon, CFMA chapter held an Emerging Issues meeting, at which cybersecurity and legislative issues took front and center in the latest meeting. Michael and I attended, and there were many useful tidbits, which I've summarized here.
Cybersecurity threats and best practices
An opening statement by one attendee pointed out that, "Construction companies keep their valuable data on site, on their own servers, with on-site software. And they don't do regular security updates to the software."
At first glance, this does not seem too bad of a process. After all, most small companies do exactly this.
Enter "ransom-ware" or "Cry-ware" as some call it. Take a guess why it's called "cry-ware."
An example given during the meeting involved a construction company (about 20 million in revenue) that had their internal servers taken over by ransom-ware recently. The company lost access to all project information, accounting information, customer information. Everything that they kep...