Be Proactive Now: Commercial Construction Quickly Joining List of Industries Vulnerable to Cyber Attacks
June 15, 2017 —
Jeffrey M. Dennis & Nathan Owens – Newmeyer & Dillion LLPCommercial contractors have long faced their own unique business risks - labor and material shortages, delay claims, bonding issues, and defects in workmanship. But, in today's ever-evolving cyber world, it is imperative that contractors understand they are vulnerable to risks beyond finishing a project on time and on budget. As we are seeing more and more each day, cyber threats impact all businesses, including the construction industry, and the failure to protect against these threats will cost your company millions in damages and reputational harm.
UNDERSTANDING CYBER THREATS
Traditionally, cyber threats are thought of as the theft of employee and customer information over the internet. Given the construction industry is the largest employer in the world, the need to protect this information is obvious. The release or loss of personnel or consumer data could lead to extensive liability under a variety of potential claims, including statutory fines. In addition to securing confidential information, companies have to protect against outside agents accessing control of a company’s security protocols, equipment or encrypting files using malicious software. The recent “WannaCry” attack demonstrates that no business is immune from cyber attacks.
EXAMPLES OF RELATED BREACHES
For those that think these scenarios do not happen, here are two examples of these types of breaches:
* In May 2013, Chinese hackers stole floor plans, server information, and security system designs from an Australian prime contractor. Fearing the risks of compromised physical and network security, the contractor incurred additional costs of $132.6 million in project delays and costs to rework the various components that had been stolen.
* Then, in December 2014, a German governmental office reported that a steel mill suffered massive damage when malware prevented a blast furnace from being properly shut down. Hackers gained access to key technology within the company, which eventually allowed them to control the production line.
THE NEW WORLD OF THE IoT
In addition to these types of “traditional” hacking threats, cybersecurity risks continue to evolve and become more complicated every day. Some of these new threats are driven by the development of a phenomenon known as the Internet of things, or IoT. The IoT is most basically defined as the interconnection of devices with on / off switches to the Internet and each other. Since the IoT is estimated to be 20 billion or more devices within 3 years, and can be combined with malicious software, IoT poses one of the most challenging risks for contractors to protect against.
The technology included in today's commercial buildings clearly opens this avenue of risk. A centralized computer control center, typically employed in new buildings, controls and maintains the systems that are vital to the operation of the building, e.g., power, elevators, HVAC, lighting, and security. What happens if a hacker gains control to one of these systems, let alone all of them? What if a hacker simply utilizes an IoT attack to overwhelm a building’s computer systems? In either scenario, at a minimum, significant disruption would occur. Worse, the health and safety of those within the building could be jeopardized. A hacker may utilize ransomware in combination with an IoT attack to take over control of the building and hold it and possibly the occupants “hostage” until a ransom is paid.
The first significant IoT attack happened in October 2016 when a major web hosting company was attacked through the IoT, causing the host site to crash. The attack did not steal information, it simply caused the site to crash. But, that crash caused world-wide disruption across the Internet.
Hackers used malicious software to access a hundred thousand common household devices — web cameras, fitness trackers, DVR’s, smart TVs and even baby monitors — to flood the hosting company’s servers with incredibly high internet traffic. This attack showed that everyday items can be hacked and controlled by cyber criminals and then used against anyone else.
As we have all seen in recent news, the WannaCry cyber attack impacted businesses across the globe. Days after the attacks, hospitals were still left feeling its impact with continued appointment and planned operation cancellations, and delays in service. We should expect to see these types of attacks increasing in frequency.
PAY ATTENTION OR FACE THE CONSEQUENCES
Make no mistake about it, the stakes are incredibly high in the realm of cyber security protection. By 2021, the annual worldwide cost attributable to cyber attacks is estimated to reach the trillions of dollars. If any of these potential attacks occur, a contractor faces significant exposure, in many forms, including:
* Monetary. Cybersecurity events result in direct monetary losses in the form of notification costs, data recovery costs, and, of course, legal and public relations fees. States are also starting to impose strict standards on companies which will result in significant regulatory punishment in the cases of cyber breaches, including the added costs associated with agency investigations, regulatory fines and consumer redress funds.
* Reputation. Perhaps more important than the monetary risk, a contractor may incur substantial reputational harm if such a breach or attack is successful. Recent data has shown that small to medium-sized companies that experience a significant cybersecurity breach go out of business within six months of the breach – due to not only high monetary costs, but severe reputational damage.
* Criminal. The recently passed New York cybersecurity regulations place potential criminal penalties on compliance personnel. Other states are likely to follow New York.
As a business leader and commercial builder, the time to act is now. While the purchase of specific cyber insurance is an important part of protecting against the risks of a cyber attack, many cyber policies contain exclusionary language embedded in the policy making coverage potentially illusory. Additional steps can and need to be taken immediately, including an honest discussion of internal cybersecurity protections, examination of risk management strategy, and the training of employees. Failure to take these important steps could result in a disastrous cybersecurity breach and the loss of millions of dollars.
Jeffrey M. Dennis currently serves as Newmeyer and Dillion’s Managing Partner and, as a business leader, advises his clients on cybersecurity related issues, introducing contractual and insurance opportunities to lessen their risk. You can reach Jeff at jeff.dennis@ndlf.com.
J. Nathan Owens is the Managing Partner for Newmeyer & Dillion’s Las Vegas office. With more than 10 years in the construction industry as a former contractor himself, Nathan understands the complex issues builders and developers face in all aspects of development and construction. You can reach Nathan at nathan.owens@ndlf.com.
About Newmeyer & Dillion
For more than 30 years, Newmeyer & Dillion has delivered creative and outstanding legal solutions and trial results for a wide array of clients. With over 70 attorneys practicing in all aspects of business, employment, real estate, construction and insurance law, Newmeyer & Dillion delivers legal services tailored to meet each client’s needs. Headquartered in Newport Beach, California, with offices in Walnut Creek, California and Las Vegas, Nevada, Newmeyer & Dillion attorneys are recognized by The Best Lawyers in America©, and Super Lawyers as top tier and some of the best lawyers in California, and have been given Martindale-Hubbell Peer Review's AV Preeminent® highest rating. For additional information, call 949-854-7000 or visit http://www.newmeyeranddillion.com/.
Read the court decisionRead the full story...Reprinted courtesy of
Narberth Mayor Urges Dubious Legal Action
June 15, 2017 —
Wally Zimolong - Supplemental ConditionsWhen I left Philadelphia, I thought I had largely left NIMBY zoning disputes behind. However, I quickly learned that the Main Line NIMBY is simply a tiger of a different stripe (and better financed and represented than their Philadelphia brethren).
One dispute that recently caught my attention concerns the proposed demolition of a 120 year old church in Narberth. A developer wishing to demolish a church and develop apartments and drawing the ire of certain neighbors is something that is routine in Point Breeze or Fishtown. However, apparently the same is true on the Main Line. At issue in the case, is a restriction contained in a 1891 deed that apparently states that only a church can be built on the property. (The article discussing the case does not quote the precise language of the purported restriction.)
Read the court decisionRead the full story...Reprinted courtesy of
Wally Zimolong, Zimolong LLCMr. Zimolong may be contacted at
wally@zimolonglaw.com
Florida’s Construction Defect Statute of Repose
August 24, 2017 —
David Suggs – Bert L. Howe & Associates, Inc.Butler Weihmuller of Katz Craig LLP discussed Florida’s 10-year statute of repose law: “Under § 95.11(3)(c), the action must commence within 10 years after the date of actual possession by the owner, the date of the issuance of a certificate of occupancy, the date of abandonment of construction if not completed, or the date of completion or termination of the contract between the professional engineer, registered architect, or licensed contractor and his or her employer, whichever date is latest.”
However, Weihmuller explains that parties may disagree on the specific date For instance, in Busch v. Lennar Homes, LLC, Florida’s 5th DCA recently “reversed a trial court’s dismissal of a homeowner’s construction defect claim that was filed just beyond 10 years after the closing date on the property.” The previous decision had been based on the notion that the contract had been completed upon the date of closing. The 5th DCA declared that “a contract is not completed until both sides of a contract have been performed” and “pointed to the ‘inspection and punch-list clause’ of the contract.” The clause indicated that “[a]ny remaining items that Seller has agreed to correct will be corrected by Seller at Seller’s sole cost and expense prior to closing or at Seller’s option within a reasonable time after closing.” Since not all punch-list items had been completed prior to closing, the 5th DCA held that the contract had not been completed at closing, and therefore the statute of repose did not begin until the punch-items had been accomplished.
Read the court decisionRead the full story...Reprinted courtesy of
Licensing Reciprocity Comes to Virginia
May 15, 2023 —
Christopher G. Hill - Construction Law MusingsRemember my admonishment to get your
Virginia contractor’s license? Well, that will get easier for experienced construction professionals that hold a license from a state or territory outside of Virginia beginning on July 1, 2023. In this past session of the General Assembly, the Youngkin administration pushed and the legislature passed a universal licensure statute that (with some exceptions for professional services as defined in
Va. Code 2.2-4301) will allow those (including contractors) who are licensed in other states to use that license to obtain a Virginia license.
The
new legislation will require DPOR to recognize another state’s license where the contractor meets the following requirements:
- The individual holds a current and valid professional or occupational license or government certification in another state in a profession or occupation with a similar scope of practice, as determined by the board in the Commonwealth
Read the court decisionRead the full story...Reprinted courtesy of
The Law Office of Christopher G. HillMr. Hill may be contacted at
chrisghill@constructionlawva.com
Gene Witkin Celebrates First Anniversary as Member of Ross Hart’s Mediation Team
May 23, 2022 —
AMCCLOS ANGELES, California, May 18, 2022 – With a near perfect record of resolving cases, Gene is particularly passionate about helping parties get closure and minimize the significant costs of civil discovery and trial. He attributes the high success rate to empathy for all sides from his diverse prior experience representing both plaintiffs and defendants in civil litigation, as well as his extensive past experience as insurance coverage counsel for both insureds and insurers.
In recent months, two cases in particular were at an impasse due to insurance issues. The parties were able to bridge the gap and resolve the disputes, with mediator help on subtle coverage issues in one case (working through technical policy provisions together) and a creative settlement structure in the other (involving allocation of payments under the insurance policy). Gene also credits the successful resolutions in part to pre-mediation calls with the parties to better define the obstacles to resolution.
Gene, along with Ross Hart and several AMCC neutrals were thrilled to see many of their colleagues and construction defect stakeholders earlier this month at the West Coast Casualty seminar, which certainly heralded a successful return to in person events.
For more information or to schedule a mediation, please contact case administrator Stephanie Felton at admin@amccenter.com.
About AMCC
For more than 30 years the principals of AMCC have been serving the construction, real estate and insurance industries as a full service ADR firm. In addition to administering multiple terms of the CSLB contract for the state, AMCC is the recognized leader in California for administering insurance appraisals under Insurance Code 2071, as well as numerous other related ADR services such as partnering and dispute review boards. For more information please visit www.amccenter.com.
Read the court decisionRead the full story...Reprinted courtesy of
BWB&O is Recognized in the 2024 Edition of Best Law Firms®!
November 16, 2023 —
Dolores Montoya - Bremer Whyte Brown & O'Meara LLPBremer Whyte Brown & O’Meara, LLP is honored to announce the firm has been recognized for its fourth consecutive year in the 2024 edition of Best Law Firms® and is ranked by Best Lawyers® regionally in three practice areas. To read the publication, please click
here.
Regional Tier 1
Las Vegas: Litigation – Construction
Orange County: Litigation – Construction
Regional Tier 2
Orange County: Family Law
Regional Tier 3
Orange County: Commercial Litigation
Read the court decisionRead the full story...Reprinted courtesy of
Bremer Whyte Brown & O'Meara LLP
Construction Warranties: Have You Seen Me Lately?
February 07, 2022 —
Christopher D. Cazenave - ConsensusDocsA construction contract typically contains many different types of warranties. Owners expect contractors to explicitly warrant their workmanship, contractor-provided materials and equipment, and in many instances to assume other warranty risks that may obligate the contractor years after the project is completed.
No contractor wants to be surprised years after a project is completed by the existence of warranty obligations that were not considered or negotiated at the outset of the project. To help avoid this situation, warranties should be treated similar to other critical risk-sharing provisions in the contract in concert with other bargained-for provisions, including for example price and schedule.
This article provides a brief overview of warranty obligations found in typical construction contracts followed by a few practical considerations for contractors to consider when negotiating warranty obligations.
Reprinted courtesy of
Christopher D. Cazenave, Jones Walker, LLP (ConsensusDocs)
Mr. Cazenave may be contacted at ccazenave@joneswalker.com
Read the court decisionRead the full story...Reprinted courtesy of
Congratulations to Haight Attorneys Selected to the 2024 Southern California Super Lawyers List
January 29, 2024 —
Haight Brown & Bonesteel LLPHaight attorneys have been selected to the 2024 Southern California Super Lawyers list.
Congratulations to:
- Bruce Cleeland
- Peter A. Dubrawski
- Angela S. Haskins
- Gary L. LaHendro
- Denis J. Moriarty
- Jennifer K. Saunders
Read the court decisionRead the full story...Reprinted courtesy of
Haight Brown & Bonesteel LLP
