laptop location clock calendar

[WEBINAR] Cyber Planning Series for Architecture, Engineering, & Construction (AEC)

May
11
2021
Tue 9:00 AM to 10:30 AM
6 sessions ending Tue, Jun 15
Online
Facilitated by Pikes Peak SBDC
Topic: Government Contracting

Cyber Planning for Architecture, Engineering and Construction (AEC) Series

Connect2Dot sbdc-cyber

Click on the individual links below to sign up for specific classes at $25 per class or if you would like to attend the (6) part series for the discounted rate of $100, please use the BLUE registration button below. If you register and are not able to attend at the scheduled times, you will receive access to the on-demand videos for one full year!

Tuesday, May 11, 9:00AM - 10:30AM - Introduction to Cybersecurity for AEC Industry

Tuesday, May 18, 9:00AM - 10:30AM - Protecting Sensitive Information and Data

Tuesday, May 25, 9:00AM - 10:30AM - Physical Security as Part of a Sound Cybersecurity Plan

Tuesday, June 1, 9:00AM - 10:30AM - Identifying Risk for Architecture, Engineering and Construction (AEC) Industry

Tuesday, June 8, 9:00AM - 10:30AM - Cyber Scams and Social Engineering Specific to AEC Industry

Tuesday, June 15, 9:00AM - 10:30AM - Developing a Cyber Plan

Following are the details:

  1. Introduction to Cybersecurity for AEC Industry

According to eSENTIRE, “Often overlooked across the sectors that cyber attackers target, construction and related industries are quickly becoming a lucrative target due to the value of their data and the susceptible nature of their business operations. Cybersecurity should not be an afterthought but a priority.”

Some industries adopt new technologies due to convenience of use or enabled communications. The AEC industry is no exception. This class will introduce the concepts of cybersecurity and how to recognize the basic threats that may disrupt your business or supply chain.

Learning topics:

• Introduction to cybersecurity
• Introduction to communication threats
• AEC specific cyber concerns to be aware of using real world examples
• How to identify and protect your assets


  1. Protecting Sensitive Information and Data

Have you ever thought about all of the sensitive information and data that the AEC industry develops, shares, transmits, uses and stores? Have you ever thought of how that information and data is protected? Plans, drawings, schedules, pricing information, proprietary information and intellectual property needs to be inventoried and shared with only those entities that have a need to know the information. It can be overwhelming for some companies to address the issue. In this class we will look at the most common mistakes that are made and look at strategies in protecting information and data.

Learning topics:
• Sensitive Information & data
• Classifying and categorizing your information and data
• Classifying and categorizing assets that process, transmit or store sensitive information or data
• Developing a protection strategy
• Real world breaches in the AEC industry


  1. Physical Security as Part of a Sound Cybersecurity Plan

Physical security is related directly to cybersecurity in many industries. The AEC industry is no exception! AEC professionals use a variety of equipment and tools to perform their jobs. These assets need to be protected from theft, damage and data breaches.

Learning topics:
• Asset management
• Asset inventory and accountability
• Physical protection strategies for mobile or construction sites
• Incident reporting plan for lost, stolen or damaged assets


  1. Identifying Risk for Architecture, Engineering and Construction (AEC) Industry

Nearly all industries rely on technology to perform their business processes. In the AEC industry, 80% of your most critical business processes are automated. When a company is not prepared for cyberattacks, it can experience disruption, unplanned costs and reputational damage which are just a few of the outcomes that can be realized if a breach occurs. In this class, we will look at a risk index model that focuses on architecture, engineering and construction (AEC) as an industry. The risk model offers defensible risk identification, risk reduction and return on investment scenarios that justify investment in implementing or outsourcing Managed Detection and Response (MDR) services.

Learning topics:
• Asset management
• Asset inventory and accountability
• Physical protection strategies for mobile or construction sites
• Incident reporting plan for lost, stolen or damaged assets


  1. Cyber Scams and Social Engineering Specific to AEC Industry

Cyber and social engineering scams are up over 900% nationally and some are very specific to the AEC industry. Since major fires destroyed many communities in several western states and due to increased construction during the pandemic over the past 18 months, construction materials have become more costly and, in some instances scarce making them more valuable to AEC companies and to those that want to steal these resources.

In this class we will look at some real-world case studies where the AEC industry has lost millions of dollars in resources, technology and personnel due to scams and social engineering. We will look at methods to identify these threats, train unwary employees and develop tactics to minimize the impact to your organization.

Learning topics:
• Social Engineering tactics
• Scams related to AEC
• Training and awareness resources
• Reporting instances
• Developing a strategy to minimize the risk


  1. Developing a Cyber Plan

This class is the culmination of the previous five weeks. The learner will be developing a plan to perform a self-assessment in the critical areas that were discussed in previous classes. Each learner will understand what their critical processes are, where their most sensitive information and data resides, recognize those threats that are most likely to occur and develop a prioritized list of tasks and activities that need to be considered for protecting their business and resources. A basic plan will be provided to learners to complete on their own.

Learning topics:
• Summary of the AEC Cyber Series
• Developing a plan, where to start
• Prioritizing tasks and activities
• Identifying resources to help develop your strategy and monitor success
• Collaboration with peers in your industry


Facilitated by:

Shawn Murray

Dr. Shawn P. Murray, C|CISO, CISSP, CRISC, FITSP-A
President, Chief Academic Officer, Cyber Security Professional
CISO, Murray Security Services & Consulting

To register for the (6) part series for the discounted rate of $100, please use the registration link below.

Questions: Please contact Rita Maynes, Program Manager, Pikes Peak Small Business Development Center


Fee: $ 100.00

Site Content © 2021, Colorado SBDC