Handling Cybersecurity Attacks in the AEC Industry

How do you shore up your assets and your ERP system to handle and protect against potential cybersecurity threats?

As an architecture, engineering and construction firm (AEC), just how vulnerable are you to cybersecurity threats? Is your data safe? Are your drawings and models at risk? Recent research shows that “AEC firms are twice as likely to face ransomware attacks as other industries. More than 30% of companies that fall prey to successful cyberattacks are victims again one or more times.” How, then, do you shore up your assets and your ERP system in particular, to handle—and protect against—potential cybersecurity threats?


Last year was perhaps one of the most active for cyberattacks, with an increase of 50% year-over-year. In fact, experts estimate that a company falls victim to a cyberattack every 39 seconds, and more than 60% oforganizations globally have experienced at least one form of cyberattack. These attacks come at a very high price, according to the Ponemon Institute and IBM’s 2021 Cost of a Data Breach Report. The average total cost of a data breach increased from $3.86 million to $4.24 million in 2021, not to mention the cost of lost business and reputation.


In the case of an AEC firm, most of the organization’s intellectual property, such as files, drawings, models and contracts, sit in the digital space. For this reason, a cybersecurity plan must be in place without fail or delay. Consider the consequences: a hacker could gain access to your design files for a bridge under construction and hold that data for ransom. Or a cybercriminal could access design information on a transit agency’s network, potentially bringing an entire city to a grinding halt. Atlanta, New Orleans, and Baltimore have been hit with cybersecurity threats that forced their networks to shut down temporarily. Because of this risk, federal agencies, and state and municipal clients, require AEC firms to adhere to higher security compliance standards as defined by the Department of Defense Cybersecurity Maturity Model Certification.


Where does your ERP system currently stand?

Clearly, AEC firms need to secure their ERP system and all digital assets. But how? The first step is to evaluate your current ERP system. Is it aging or outdated? While you may perform backups, that might not be enough. You should also consider the time it takes to restore data from a backup and the ensuing loss of business and revenue. Do you have endpoint security? That, too, can be vulnerable, as attackers can bypass the endpoint detection and response (EDR) software by accessing data through an application.


People power

Your employees are key to protecting against attacks. Live in-person training, mandatory cybersecurity instruction, and fire drills can improve your cyber defenses. Immersive Labs, a leader in cyber defense training, has pioneered a single enterprise platform that can measure and report the defense capability of your entire workforce, continually improving your firm’s cyber resilience. In addition, your cybersecurity policy should help employees understand the responsible use of emails, company data, the internet, and social media. At the same time, do not forget the importance of continually refreshing login information.


Multifactor authentication

While single authentication—i.e., a password—is standard, one-factor authentication won’t cut it for modern ERP systems. Password cracking is one of the simplest and most common forms of hacking. Consider a move to two- or more-factor authentication. The good news is that today you no longer need a physical device to achieve this, as a code can be sent to an email address. Experts say multi-factor authentication can reduce the risk of attacks by as much as 90%.



Are you up to date with the latest software patches to support your operating systems? Make—and keep—a schedule for updating security patches. Here’s a tip: look into an automatic updater which applies any software updates when available. While you’re at it, conduct penetration testing. An outside consultant can hack into your network (called ethical hacking) and check your defenses. With this data in hand, you can fix what’s “broken” before an actual attack occurs.


Cybersecurity response plan

Put together a cybersecurity response plan sooner rather than later. Include rules and procedures on how to treat the first minutes after the discovery of an attack. Also, assign roles to members of your staff, from IT to HR and finance.


What to keep an eye on

How do you know you’re in trouble? There are several signs or symptoms of a potential cyberattack. Look out for frequent, random popups. Be alert to your internet searches being redirected. Your online passwords may suddenly not be working, or you may get fake antivirus messages or even worse, a ransomware message. You should also keep an eye on the speed of your network. A hacking attempt or malware outbreak can result in spikes in network traffic and reduction in internet speed. Lastly, look out for phishing—mysterious emails that look authentic but are attempts for employees to click on a link that exposes all your data to hackers. If you’re not sure you have been hacked but suspect it, act immediately. It’s better to be safe than sorry.


What to do if you’re hacked

If you’re hacked, take the following steps at once:

  • Alert the IT team
  • Have your IT staff disconnect the computer(s) from the network and start documenting the infection
  • Check backups in the cloud to ensure they’re not compromised
  • Implement cybersecurity protocols
  • Follow the cybersecurity response plan you have in place
  • Use security systems to track potential malicious assets
  • Trace all malware or security vulnerability immediately


Your best protection is a safe and secure ERP system

With cyberattacks on the rise and AEC firms especially vulnerable, there is even more that AEC firms can do to protect digital assets. A modern, updated ERP is key in defending against ransomware and other cyberattacks. Unanet’s ERP solution, for instance, provides intelligent automations like machine learning and artificial intelligence (AI) that make it easier to safeguard your systems from attack.


In addition, modern ERPs enable businesses to automate and prioritize critical elements of the application’s lifecycle— including the ability to govern access and manage identities and users. Plus, they monitor configuration changes and custom code, consistently apply patches and updates, review RFC (remote function calls) connections and interfaces, analyze logs for anomalies and attacks, and monitor business transactions.


A cloud-based ERP system is all the better, as it offers a more streamlined approach with continual updates and security best practices from cloud and software providers.



While cyberattacks seem to be here to stay, a proactive approach that includes a modern, cloud-based ERP system can help AEC firms continue to conduct business with minimal disruption.


Unanet ERP for Architects and Engineers

Unanet is a leading provider of ERP solutions. More than 3,200 project-driven organizations depend on Unanet to turn their information into actionable insights, drive better decision-making, and nurture business growth.


Unanet AE ERP is purpose-built for Architecture & Engineering firms and offers a powerful combination of Project Management, Business Intelligence, Time and Expense Tracking, Financials, and Integration tools in one single source to run your business more effectively. Powerful and customizable analytic dashboards allow organizations to gain greater visibility and control, analyze data and trends in real time, interact dynamically with their data, and drive their business forward.