Project data, contracts, financial information and subcontractor communications are increasingly targeted. Perth construction businesses are high-value ransomware targets — project delays caused by ransomware can result in contract penalties far exceeding the ransom demand itself.
Site-to-office comms that break down. Documents in three places. Onboarding that takes half a day.
Get Free Cyber Risk Snapshot →Flat-rate monthly agreements. No lock-in. No surprise invoices.
Book a free Cyber Risk Snapshot and get a plain-English report on your current cyber exposure — specific to your Perth business.
Get Free Cyber Risk Snapshot →Construction runs on email and trust, and attackers know it. A Perth builder or trades business moves real money through progress claims, supplier invoices and retention payments, often between parties who have never met in person. That makes you the textbook target for invoice and payment redirection fraud: an attacker watches a compromised mailbox, waits for a genuine invoice from your concreter or steel supplier, then sends a near-identical follow-up with new bank details. The email looks right because it often comes from a real, breached account in the supply chain.
The other reality is your workforce. Site supervisors, project managers and apprentices work off phones and tablets, on free public Wi-Fi at the site shed, swapping between personal and work logins. Devices get lost on site, left in utes, or handed down without ever being wiped. For a 5 to 50 staff outfit juggling several jobs from Joondalup to Rockingham, there is rarely one person whose job is to notice that a foreman's Microsoft 365 password turned up in a data breach two years ago and was never changed.
Picture a Perth commercial fit-out company mid-way through a six-figure progress claim. Their bookkeeper receives an email, in the right thread, from the client's project manager, asking to update the remittance account before the next payment. The details look legitimate. The payment goes out. Two weeks later the real project manager asks where the money is. Now you are chasing funds that have already moved through three accounts, explaining to your client why their payment vanished, and wondering whether your own mailbox was the one that leaked.
The damage is rarely just the lost payment. It is the week your office staff spend untangling it instead of running jobs. It is the head contractor questioning whether you can be trusted with their data on the next tender. It is a ransomware lockout that freezes your project files, plans, variations and certifications the morning a site inspection is due, with subcontractors standing around unpaid and unsure if they should keep working. For a trades business where cash flow is already tight between progress payments, a few days of downtime and a damaged client relationship hurts far more than the initial theft.
We start where the fraud starts: email and identity. We configure SPF, DKIM and DMARC so attackers cannot spoof your domain to your clients and suppliers, and we put Defender for Office 365 in front of inbound mail to catch the lookalike invoices and credential-phishing links before they reach your bookkeeper. On the login side, Entra ID with Conditional Access and MFA means a stolen password alone is useless, and we can block sign-ins from outside Australia or from unmanaged devices, which closes the door on most account takeovers.
For the fleet of phones, tablets and laptops moving between sites, Intune lets us enforce screen locks and encryption, separate work data from personal data, and remotely wipe a device the day it goes missing from a ute without touching the owner's photos. Microsoft Defender protects each endpoint against ransomware. Microsoft 365 Backup gives you a verified, recoverable copy of your SharePoint, OneDrive and Exchange data, so a locked-out or deleted project folder is a restore, not a crisis. We tie it together with the practical things that matter on a job: who can see which project's files in SharePoint, and what happens to a leaver's access the day they walk off site.
Construction compliance in WA is increasingly about who you let touch your data. Head contractors and government project owners now ask subcontractors how they protect drawings, tender pricing and personal information before they award work, and "we use Microsoft 365" is no longer an answer on its own. Your project financials, variation claims, employee records and client contracts all sit in your tenant, and the Privacy Act applies to the personal data you hold on staff and clients regardless of how busy the site is.
This is also where cyber insurance bites. Insurers now want evidence of MFA, managed backups and endpoint protection before they pay a claim, and a redirected payment can be declined if those controls were not actually in place. COREWEST is evidence-led: we show you exactly what is exposed, document the controls you have, and close the gaps that would otherwise sink a claim or a tender. A short Free Cyber Risk Snapshot tells you, in plain English, whether your domain can be spoofed, whether staff credentials are already circulating, and where a single click could stop your jobs. Book one at calendly.com/corewest/30min.