The construction industry is undergoing a digital transformation, with smart equipment, AI-driven project management, and cloud-based tools becoming integral to daily operations. While these advancements offer efficiency and innovation, they also introduce significant cyber vulnerabilities. From ransomware and system outages to AI-related threats, the risks are real and growing. This article explores the evolving cyber threat landscape in construction and how tailored insurance solutions can help mitigate these challenges.
As construction firms embrace digital tools like Building Information Modeling (BIM) and project management software, they also open the door to cyber threats. Data breaches, intellectual property theft, and operational disruptions can delay projects and result in substantial financial losses.
Despite a 45% drop in median ransomware payments in Q4 2024 [1], the average payment rose by 16%, indicating fewer but more complex attacks. In 2024 alone, over 5,400 cyberattacks were reported globally - an 11% increase from the previous year. One company even faced a record $75 million ransomware demand, underscoring the severity of the threat. [2]
Cyber risks aren’t limited to malicious attacks. The July 2024 CrowdStrike outage, caused by a flawed software update, became the largest IT disruption in history, affecting multiple industries including construction. With estimated losses of $5.4 billion for U.S. Fortune 500 companies, the incident highlighted the importance of system failure coverage, which is essential for firms reliant on digital infrastructure. [3]
AI is revolutionizing construction, enhancing everything from design to safety protocols. However, its integration brings new risks. AI systems can be manipulated or “data-poisoned,” leading to flawed outputs and compromised safety. While AI offers efficiency, it also demands a deeper understanding of its vulnerabilities.
Insuring AI-related risks remains complex. Traditional cyber policies may not cover delays or losses caused by compromised AI systems. Additionally, AI introduces potential employment and liability exposures, which may fall under Employment Practices Liability (EPL) or Directors and Officers (D&O) policies.
To address these risks, construction firms must go beyond insurance.
Cybersecurity in construction is only as strong as its weakest link. Projects often involve a web of subcontractors and third-party vendors, each with their own systems and security standards. Even if a firm has strong internal controls, vulnerabilities in its supply chain can expose it to risk.
Clients are becoming more proactive, as reflected in the decline in ransomware payments. However, managing third-party risk remains a challenge. Firms must assess not only their direct vendors but also the software and systems used by subcontractors. This requires continuous oversight and clear communication.
Contractual risk transfer is another evolving area. Many organizations struggle to define liability in the event of a breach. Ambiguities in contracts can leave firms exposed, making it critical to clarify responsibilities and maintain strong operational and legal safeguards.
The cyber insurance market is stabilizing after a period of volatility. Following 18 months of premium reductions, insurers are now adopting a more cautious approach, aiming for flat rates across coverage layers. This shift reflects the need to balance risk with sustainability, especially considering recent high-profile incidents.
Legal complexities are also increasing, with a rise in cyber-related litigation. As these cases unfold, premiums may rise, but the market remains competitive. Insurers are focusing more on a company’s security posture than just pricing, encouraging firms to invest in robust cybersecurity strategies.
New entrants are expanding capacity, offering coverage beyond primary layers and providing greater flexibility. This competitive environment benefits clients, offering opportunities to negotiate more tailored and resilient coverage - especially under current soft market conditions.
To meet the demands of today’s digital landscape, insurers and clients must work together to resolve coverage ambiguities and improve coordination across policy lines. For example, system failure coverage must be clearly defined - what seems like a minor issue, such as an unplugged cable, could have far-reaching consequences if it disrupts critical infrastructure.
Construction firms face unique risks that require specialized solutions. Recent enhancements include:
The future of cyber risk management in construction lies in collaboration and innovation. As AI, IoT, and other technologies become more embedded in operations, insurers and construction firms must work together to develop specialized, forward-looking insurance products.
We anticipate greater coordination between insurance lines, clearer policy definitions, and more customized solutions tailored to the construction sector. By staying informed, proactive, and engaged, the industry can build a more secure and resilient future, where technology and protection go hand in hand.
You can listen to the ‘Top construction cyber risks: safeguarding projects from data breaches’ episode of our Construction Blueprints podcast series for the full conversation.
WTW hopes you found the general information provided in this publication informative and helpful. The information contained herein is not intended to constitute legal or other professional advice and should not be relied upon in lieu of consultation with your own legal advisors. In the event you would like more information regarding your insurance coverage, please do not hesitate to reach out to us. In North America, WTW offers insurance products through licensed entities, including Willis Towers Watson Northeast, Inc. (in the United States) and Willis Canada Inc. (in Canada).