High Contrast

Newsroom
Events
Subscribe
Solutions and services
Insights
About RSM
Careers
Contact RSM

Article

Complex business structures create cyber issues in real estate and construction

Cybersecurity industry snapshot

May 30, 2024
#
Cybersecurity consulting Real estate Construction

The cybersecurity threat facing real estate and construction companies may be overshadowed by publicity around prominent attacks in other industries, but these sectors are equally at risk.

An intricate network of players, combined with the mobile nature of work in this vast ecosystem, make real estate and construction prime targets for cybercrime. The high volume of field-to-office communication and payment transactions creates a playground for criminals to unleash social engineering, phishing attacks and other scams to exploit people and steal information and money.

“While cyber liability insurance helps protect companies against financial loss in the event of an attack, education and cybersecurity measures should be the first line of defense,” says Chris Wetmore, an RSM principal and leader in the firm’s technology advisory practice. Construction workers and others in these fields often connect to open networks, unaware that they are putting critical information at risk, he says.

Employee awareness training represents the bare minimum for effective cybersecurity governance. Companies doing business in multiple states must also adhere to nationwide data privacy and protection laws. For government work, such as Department of Defense contracts, compliance with the Cybersecurity Maturity Model Certification (CMMC) 2.0 program is now a requirement. Meanwhile, real estate investors increasingly want to see controls in place to protect their financial information.

We are seeing more companies leveraging cloud services and other technologies to mitigate cybersecurity risk, and also engaging third-party firms to manage their technology stack.
Matt Riccio, RSM Real Estate Senior Analyst

Many real estate and construction companies are challenged by inadequate resources for training, technical support and internal controls, which has led to more outsourcing.

“We are seeing more companies leveraging cloud services and other technologies to mitigate cybersecurity risk, and also engaging third-party firms to manage their technology stack,” says Matt Riccio, an RSM senior analyst for the real estate industry.

Riccio notes that ransomware, fraudulent wire transfers and data theft are commonplace among middle market real estate and construction firms. Finding protection against these cyberthreats is increasingly important as attacker tools and strategies grow more sophisticated by the day.

On the plus side, emerging cybersecurity technologies enhanced by cloud computing, artificial intelligence and machine learning are continually advancing to help organizations stay one step ahead of cybercriminals.

Related insights

Cybersecurity 2024 special report

Our annual insights into cybersecurity trends, strategies and concerns shaping the marketplace for midsize businesses in an increasingly complex risk environment.

Access the research

THE POWER OF BEING UNDERSTOOD

ASSURANCE | TAX | CONSULTING

RSM Canada LLP is a limited liability partnership that provides public accounting services and is the Canadian member firm of RSM International, a global network of independent assurance, tax and consulting firms. RSM Canada Consulting LP is a limited partnership that provides consulting services and is an affiliate of RSM US LLP, a member firm of RSM International. The member firms of RSM International collaborate to provide services to global clients but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit rsmcanada.com/about for more information regarding RSM Canada and RSM International.

© 2024 RSM CANADA LLP. All rights reserved.