Environment and Social Psychology

Cybercrime activities are fast-growing and threatening critical sectors, including the built environment industry (BEI). This may threaten achieving Sustainable Development Goal 9 (industry, innovation and infrastructure). Cyber attackers may attack the industry more if measures are not taken to manage cybercrime activities in industrial innovation and infrastructure development. Developing a framework to manage cybercrime may improve BEI’s cybersecurity and, by extension, improve achieving Goal 9 is pertinent. Thus, the study explores the root causes and identifies the information necessary to develop a Nigerian BEI cybersecurity framework for managing cybercrime to improve achieving Goal 9. Given the unexplored issues in Nigeria, twenty-eight experts were selected from Abuja and Lagos. The study achieved saturation. The interviewees were experts in cybercrime in the BEI. The study’s data were coded and analysed using a thematic method. Findings show that human-related sources are the major root cause of the Nigerian BEI’s cyberattack. Five key variables emerged as the information required to develop a BEI cybersecurity framework for managing cybercrime. The rapid construction digitalisation and administrative operations into cyberspaces have enhanced cyberattacks. This study raises awareness about cybersecurity implications and promotes cybersecurity framework management adaption, especially in Nigeria’s built environment industry, to improve achieving Goal 9.

1. Ebekozien A (2020a). Corrupt acts in the Nigerian construction industry: is the ruling party fighting corruption? Journal of Contemporary African Studies, 38(3): 348-365. doi: 10.1080/02589001.2020.1758304

2. Bogue R (2018). What are the prospects for robots in the construction industry? Industrial Robot: An International Journal, 45(1): 1-6. doi.10.1108/IR-11-2017-0194

3. Mantha BR, de Soto BG (2021). Cybersecurity in construction: Where do we stand and how do we get better prepared. Frontiers in Built Environment, 7, 612668.

4. Ebekozien A. Aigbavboa C (2021). Covid-19 recovery for the Nigerian construction sites: The role of the fourth industrial revolution technologies. Sustainable Cities and Society, 69: 1-10. doi.org/10.1016/j.scs.2021.102803

5. Dwivedi KY, Hughes DL, Coombs C, Constantiou I, Duan Y, Edwards JS, Upadhyay N (2020). Impact of COVID-19 pandemic on information management research and practice: Transforming education, work and life. International Journal of Information Management, 55. https://doi.org/10.1016/j.ijinfomgt.2020.102211.

6. Theohary CA, Finklea K (2015). Cybercrime: conceptual issues for congress and U.S Law Enforcement. Congressional Research Service Report.

7. International Telecommunication Union (ITU) (2008). Definition of Cybersecurity, Geneva: ITU.

8. Holst A (2020). Global Cybersecurity Market Forecast 2017-2023, Hamburg: Statista.

9. Identity Theft Resource Center. (2018). 2018 End of Year Data Breach Report. Los Angeles, CA: Identity Theft Resource Center.

10. Ponemon Institute and Accenture Securuty. (2019). Ninth annual cost of cybercrime study unlocking the value of improved cybersecurity protection the cost of cybercrime contents. New York, NY: Accenture Securuty.

11. Alshammari K, Beach T, Rezgui Y (2021). Cybersecurity for digital twins in the built environment: current research and future directions. Journal of Information Technology in Construction, 26: 159-173. doi.10.36680/j.itcon.2021.010

12. Tezel A, Papadonikolaki E, Yitmen I, Bolpagni M (2021). Blockchain opportunities and issues in the built environment: Perspectives on trust, transparency and cybersecurity. In Industry 4.0 for the Built Environment: Methodologies, Technologies and Skills (pp. 569-588). Cham: Springer International Publishing.

13. Mantha B, de Soto BG, Karri R (2021). Cyber security threat modeling in the AEC industry: An example for the commissioning of the built environment. Sustainable Cities and Society, 66, 102682.

14. Brooks DJ, Coole M, Haskell-Dowland P (2020). Intelligent building systems: security and facility professionals’ understanding of system threats, vulnerabilities and mitigation practice. Secur. J. 33: 244–265. doi: 10.1057/s41284-019-00183-9

15. Mutis I, Paramashivam A (2019). Cybersecurity management framework for a cloud-based BIM model,” in Advances in Informatics and Computing in Civil and Construction Engineering, (Berlin: Springer International Publishing), 325–333. doi: 10.1007/978-3-030-00220-6_39

16. Soomro TR, Hussain M (2019). Social media-related cybercrimes and techniques for their prevention. Applied Computer Systems, 24(1): 9-17.

17. Badamasi B, Utulu SCA (2021). Framework for managing cybercrime risks in Nigerian universities. Proceedings of the 1st Virtual Conference on Implications of Information and Digital Technologies for Development.

18. Keshta I, Odeh A (2021). Security and privacy of electronic health records: Concerns and challenges. Egyptian Informatics Journal, 22(2): 177-183.

19. Adesina R, Ingirige B (2019). Dismantling barriers to effective disaster management in Nigeria. 14th International Postgraduate research conference 2019: Contemporary and Future Directions in the Built Environment.

20. De Paoli S, Johnstone J, Coull N, Ferguson I, Sinclair G, Tomkins P, Brown M, Martin R (2020). A qualitative exploratory study of the knowledge, forensic, and legal challenges from the perspective of police cybercrime specialists. Policing: A Journal of Policy and Practice, 3: 12-18.

21. Chapman J (2019). How safe is your data? Cyber-security in higher education. Higher Education Policy Institute Policy, 23: 12-23.

22. Morgan S (2020). Cybercrime to cost the world $10.5 trillion annually by 2025. Cybercrime Magazine, 12: 1-9.

23. Shu, K., Sliva, A., Wang, S., Tang, J., Liu, H. (2017). Fake news detection on social media: A data mining perspective. ACM SIGKDD explorations newsletter, 19(1), 22-36.

24. Greenwood, J. W. (2020). Intelligence agencies in cyberspace: Adapting the intelligence cycle to cyber threats and opportunities (Doctoral dissertation, The University of Waikato).

25. Faminu G (2023). Nigeria suffered over 12.9m cyber-attacks during presidential, NASS elections – Pantami. Business Day, Retrieved from https://businessday.ng/news/article/nigeria-suffered-over-12-9m-cyber-attacks-during-presidential-nass-elections-pantami/

26. Hassan AB, Lass FD, Makinde J (2012). Cybercrime in Nigeria: causes, effects and the way out. Journal of Science and Technology, 2(7): 626 –631.

27. Wada F Odulaja GO (2012). Assessing cybercrime and its impact on e-banking in Nigeria using Social Theories. African Journal of Computing & ICTs. 5(1): 69-82.

28. Tanga O, Akinradewo O, Aigbavboa C, Thwala D (2022). Cyber-attack risks to construction data management in the fourth industrial revolution era: a case of Gauteng province, South Africa. Journal of Information Technology in Construction (ITcon), 27: 845-863.

29. Ibrahim UMARU (2019). The Impact of Cybercrime on the Nigerian Economy and banking system. NDIC Quarterly, 34(12): 1-20.

30. Osho O, Onoja AD (2015). National cyber security policy and strategy of Nigeria: A qualitative analysis. International Journal of Cyber Criminology, 9(1): 22-28.

31. AlBalkhy W, Karmaoui D, Ducoulombier L, Lafhaj Z, Linner T (2024). Digital twins in the built environment: Definition, applications, and challenges. Automation in Construction, 162, 105368.

32. Howell S, Rezgui Y, Beach T (2018). Water utility decision support through the semantic web of things. Environmental Modelling & Software, 102: 94-114.

33. Technology NIS (2017), “FIPS PUB 201-1 Personal Identity Verification (PIV) of Federal Employees and Contractors.

34. Boyes H (2014). Building Information Modelling (BIM): Addressing the Cyber Security Issues. Iet: 1–12. doi: 10.1049/etr.2014.9001.

35. Generation D, Storage E (2011). IEEE Guide for Smart Grid Interoperability of Energy Technology and Information Technology Operation with the Electric Power System (EPS), End-Use Applications, and Loads IEEE Standards Coordinating Committee 21 Sponsored by the.

36. Mikkola M, Oksanen A, Kaakinen M, Miller BL, Savolainen I, Sirola A, Zych I, Paek H.-J (2020). Situational and Individual Risk Factors for Cybercrime Victimisation in a Cross-national Context. International Journal of Offender Therapy and Comparative Criminology, 0306624X20981041.

37. United Nations (2020). The Sustainable Development Goals Report 2020. New York: United Nations. https://unstats .un .org/ sdgs/ report/ 2020/ The -Sustainable-Development- Goals -Report -2020 .pdf.

38. United Nations (2022). Secretary General outlines priorities for 2022. Retrieved from https://www.un.org/ press/ en/ 2022/ sgsm21113 .doc .htm

39. Purohit DP, Siddiqui N, Nandan A, Yadav BP (2018). Hazard identification and risk assessment in construction industry. International Journal of Applied Engineering Research, 13(10): 7639-7667.

40. Pattinson MR, Butavicius MA, Ciccarello B, Lillie M, Parsons K, Calic D, McCormac A (2018). Adapting cyber-security training to your employees. HAISA.

41. Smith W (2019). A comprehensive cybersecurity defense framework for large organisations.

42. NIST. (2020) Cybersecurity framework. https://www.tenable.com/lp/campaigns/20/whitepapers/adhering-to-the-nist-framework-with-tenable-ot/?utm_campaign=gs-{9662775243}-{100779850978}{426501511627}_00021238_fy21q1&utm_promoter=tenable-indegy-nb 00021238&utm_source=google&utm_term=%2Bnist%20%2Bframework&utm_medium=cpc&utm_geo=emea&gclid=EAIaIQobChMIjbXbsunm7wIVAtWyCh2j7g6IEA AYASAAEgIu0PD_BwE

43. ITU. (2015). Global cybersecurity index & cyberwellness profiles report (Cybersecurity, Issue. I.T. Union. https://www.itu.int/pub/D-STR-SECU-2015

44. Maarten G, Artur U, Erik F, Michel R (2015). A meta-analysis of threats, trends, and responses to cyber-attacks (Assessing Cyber Security, Issue. T. H. C. f. S. Studies. https://hoffmannbv.nl/sites/default/files/Report%20Assessing%20Cyber%20Security%2016%20april%202015.pdf

45. Fellows R, Liu MMA (2015). Research methods for construction (4th ed.). West Sussex, United Kingdom: John Wiley & Sons.

46. Jaafar M, Ebekozien A, Mohamad D (2021a). Community participation in environmental sustainability: A case study of proposed Penang Hill Biosphere Reserve, Malaysia. Journal of Facilities Management. doi.10.1108/JEM-03-2021-0033.

47. Jaafar M, Salim AAN, Salleh MN, Sulieman BZ, Ulang MN, Ebekozien A (2021b). Developing a framework for fire safety management plan: the case of Malaysia’s public hospital buildings. International Journal of Building Pathology and Adaptation. doi.10.1108/IJBPA-04-2021-0060.

48. Ebekozien A, Aigbavboa C, Samsurijan SM (2023). An appraisal of blockchain technology relevance in the 21st century Nigerian construction industry: perspective from the built environment professionals. Journal of Global Operations and Strategic Sourcing, 16(1): 141-160 doi. 10.1108/JGOSS-01-2022-0005.

49. Alshabib HN, Martins JT (2022). Cybersecurity: perceived threats and policy responses in the Gulf Cooperation Council. in IEEE Transactions on Engineering Management, 69(6): 3664-3675 doi: 10.1109/TEM.2021.3083330.

50. Ibrahim FS, Ebekozien A, Khan P, Aigbedion M, Ogbaini IF, Amadi G (2022). Appraising fourth industrial revolution technologies’ role in the construction sector: How prepared is the construction consultants? Facilities. doi.10.1108/F-09-2021-0086.

51. Creswell JW (2014). Research design: qualitative, quantitative, and mixed methods approach (4th ed.). Thousand Oaks, Califonia, USA: Sage.

52. Ebekozien A (2020b). A qualitative approach to investigate low-cost housing policy provision in Edo State, Nigeria. International Planning Studies, 1-18. doi:10.1080/13563475.2020.1779671

53. Corbin J, Strauss A (2015). Basics of qualitative research: Techniques and procedures for developing grounded theory (4th ed.). Thousand Oaks, California, USA: Sage.

54. Van Schaik P, Jeske D, Onibokun J, Coventry L, Jansen J, Kusev P (2017). Risk perceptions of cyber-security and precautionary behaviour. Computers in Human Behaviour, 75: 547-559. doi.1016/j.chb.2017.05.038

55. Sibe, R. T. Kaunert, C. (2024). Cyber Crime in Nigeria—Reviewing the Problems. In Cybercrime, Digital Forensic Readiness, and Financial Crime Investigation in Nigeria (pp. 19-55). Cham: Springer Nature Switzerland.

56. Tsado, L., Raufu, A., Ben-Edet, E. Krakrafaa-Bestman, D. (2023). Combatting the Threat of Cybercrime in Nigeria: Examining Current Laws and Policies. Journal of Applied And Theoretical Social Sciences, 5(4), 413-430.

57. Bian S, Deng Z, Li F, Monroe W, Shi P, Sun Z, Wu W, Wang S, Wang WY, Yuan A (2018). Icorating: A deep-learning system for scam ico identification arXiv preprint arXiv:1803.03670

58. Bada M, Nurse JRC (2019). Developing cybersecurity education and awareness programmes for small- and medium-sized enterprises (SMEs)", Information and Computer Security, 27(3): 393-410. https://doi.org/10.1108/ICS-07-2018-0080

59. Paulsen C (2016). Cybersecuring small businesses. Computer, 49(8): 92-97.

60. Sonkor MS, de Soto BG (2021). Operational technology on construction sites: A review from the cybersecurity perspective. Journal of Construction Engineering and Management, 147(12) 04021172

61. Armenia S, Angelini M, Nonino F, Palombi G, Schlitzer MF (2021). A dynamic simulation approach to support the evaluation of cyber risks and security investments in SMEs. Decision Support Systems, 113580.

62. Glantz C, Somasundaram S, Mylrea M, Underhill R, Nicholls A (2016). Evaluating the maturity of cybersecurity programs for building control systems. US Department of Energy Office of Scientific and Technical Information.

63. Culot G, Fattori F, Podrecca M, Sartor M (2019). Addressing industry 4.0 cybersecurity challenges. in IEEE Engineering Management Review, 47(3): 79-86, doi: 10.1109/EMR.2019.2927559.