Roy Richardson, Vice >President and CTO, Aurora InfoTech

Roofing is at once a profitable and a dangerous industry. Beyond the obvious risks, such as a worker getting injured on the job, there are threats such as ransomware.

Ransomware is a disruptive, malicious software that instantly cripples computer systems by encrypting files and data into an unreadable and unusable format. The attackers generally display an onscreen notice to inform their victims of the attack, along with a timeline and monetary amount, usually in

Bitcoins, needed to gain access to the decryption key. Moreover, if the victim misses making the ransom payment by the timeframe specified by the attackers, the data remains encrypted, inaccessible and in some cases, lost forever.

Although cybercrime such as this is prevalent in all industries, the risks associated with the roofing industry are particularly high, which is why it is so essential for roofing companies to implement effective cyber- security measures. While most roofing companies take precautions when it comes to traditional safety and security on the jobsite, few organizations realize that virtual dangers pose as much as, if not more, of

a threat. As a result, many organizations have not taken adequate cybersecurity precautions to protect their data from an attack or breach. Unfortunately, the roofing industry trails behind others when it comes

to investing in high-level security and keeping up with current digital threats.

According to a recent JB Knowledge Construction Technology Report, firms indicate that the most significant challenges they face in adopting new technology are limited IT resources, budget shortfalls and resistance at both the employee and management levels.

As a result, most firms underestimate the likelihood of hackers’ interest in them as a target and so don’t invest enough in cybersecurity, which in turn makes it easier for hackers to infiltrate their systems.

Due to factors such as a rapidly increasing number of vendors entering the roofing industry, high turnover and the use of remote offices, hackers are a pervasive threat to roofing companies and the sensitive information they hold. Though not necessarily apparent

at first glance, the roofing industry is heavily reliant on technology. The tools of a modern roofing organization include not only ladders and nail guns, but also mobile computers, sensors, telematics, GPS, building information modeling, integrated project delivery and a variety of other systems. The data stored on

these systems typically include personally identifiable information (PII) of their employees and their clients, including social security numbers, bank accounts and healthcare information – all of which are worth their weight in gold to hackers. Even project bids and intellectual property are at stake and can compromise a company, its vendors, employees and clients.

Here are five tips that can help businesses to protect this valuable and trusted information:

  1. Keep vulnerabilities and threats at bay by staying up to date with all security patches and system updates.
  2. Implement a backup and disaster recovery strategy, not just for your servers, but for all your endpoints and critical data. Don’t forget to test the restoration process to ensure it is
  3. Complement your security layers with approaches that whitelist (track the good, not just the bad) as a last line of defense in case ransomware does evade your
  4. Educate your employees by investing in Security Awareness Training – often, the vulnerability might occur due to your employees'
  5. Consult with security professionals who stay ahead of malware trends and can offer a third- party assessment of your current network, as well as guidance on how to protect it

Security is of foremost significance for organizations in the roofing industry that demand uninterrupted access to systems and data that results in scalable and sustainable long term growth. Unlike the old days, however, this security no longer ends once the jobsite is locked up at the end of the day.

Around-the-clock monitoring and management of organizational networks is the standard when it comes to cybersecurity in the roofing industry.


Roy Richardson is a senior IT/Telecommunication professional with 20-plus years of multi-faceted executive management and engineering experience. He is the Vice President and CTO of Aurora InfoTech, a Cybersecurity and IT Consulting firm based in Orlando. He is also an author of the book, Hack Proof Your Business,” which is a Cybersecurity guide for business owners and executive leadership.