Risk Specialty Group releases guidance for architects and engineers as cyberattacks on construction companies doubled in early 2024, with most E&O policies failing to cover first-party breach costs.
-- HOUSTON, Texas, Jan. 27, 2026 — As cyberattacks against architecture and engineering firms reach unprecedented levels, Risk Specialty Group (RSG), a Houston-based insurance and risk management firm serving design professionals, is urging firms to evaluate critical gaps in their cyber liability coverage before becoming the next target.
According to Dodge Data & Analytics, 59% of architecture, engineering, and construction (AEC) firms experienced a cybersecurity threat within the past two years. Cyberattacks on construction companies doubled in Q1 2024 compared to Q1 2023. Despite these alarming figures, only 10-20% of small and mid-sized businesses carry adequate cyber coverage.
“Only true cyber liability covers first-party costs associated with a cyber attack or breach on the design firm,” said Travis Landers, ARM, President and Founder of Risk Specialty Group. “That is why the coverage within a professional liability policy is called ‘network security’ and not ‘cyber liability.’ The vast majority of design firms enter 2026 without true cyber coverage.”
The distinction is critical. Most professional liability policies include “network security” endorsements that only cover third-party claims — such as when a design firm transmits a virus to a client. However, these endorsements provide no first-party coverage for the design firm’s own breach-related expenses, including ransom demands, system downtime, or fraudulent invoice payments.
Risk Specialty Group specializes in cyber liability insurance for design professionals, offering coverage that addresses first-party costs. The firm works with over 20 A-rated carriers to provide customized protection for architects, engineers, surveyors, and environmental consultants.
Design professionals face ransomware attacks at more than twice the rate of other industries, according to research from CyberPress and FalconFeeds. DragonForce, a ransomware group that attacked O&S Engineers & Architects in February 2025, specifically targets architecture and engineering firms, exploiting the pressure to meet deadlines that makes firms more likely to pay ransoms quickly.
The global average cost of a data breach reached $4.88 million in 2024, according to IBM — a 10% increase from the previous year. For design firms with revenues between $1 million and $5 million, annual cyber insurance premiums typically range from $1,000 to $3,000, depending on limits and coverages selected.
About Risk Specialty Group
Risk Specialty Group is a Houston-based insurance and risk management firm serving exclusively design professionals. Founded in 2010, RSG helps architects, engineers, surveyors, environmental consultants, and construction managers navigate the complex world of insurance and risk management. The firm works with over 20 “A” rated carriers and has earned the IIABA Best Practices Agency designation multiple years running. Risk Specialty Group serves design professionals across Texas, Arizona, Arkansas, California, New Mexico, and Oklahoma.
Media Contact:
Risk Specialty Group
Phone: 713-552-1900
Email: info@riskspecialtygroup.com
Website: https://riskspecialtygroup.com
Content developed in partnership with top digital marketing agency ASTOUNDZ.
Contact Info:
Name: Risk Specialty Group
Email: Send Email
Organization: Risk Specialty Group
Address: 675 Bering Dr. Suite 175, Houston, TX 77057, United States
Phone: +1-713-552-1900
Website: https://riskspecialtygroup.com/
Source: NewsNetwork
Release ID: 89181968
If there are any errors, inconsistencies, or queries arising from the content contained within this press release that require attention or if you need assistance with a press release takedown, we kindly request that you inform us immediately by contacting error@releasecontact.com (it is important to note that this email is the authorized channel for such matters, sending multiple emails to multiple addresses does not necessarily help expedite your request). Our reliable team will be available to promptly respond within 8 hours, taking proactive measures to rectify any identified issues or providing guidance on the removal process. Ensuring accurate and dependable information is our top priority.
