• Home
  • Request A Quote
  • Products & Services
  • HardwareXpress
  • Claims
  • Loss Control Center
  • Producers
  • Newsroom
  • About
  • Green Tree Risk Partners
  • Events
  • Careers
  • Contact Us
  • Make a Payment
  • Producer Portal
  • Request a Quote
  • Green Tree Risk Partners
  • Contact Us
Pennsylvania Lumbermens Mutual Insurance Company for wood products industry
MENUMENU
  • About
        • About Pennsylvania Lumbermens Mutual

        • Pennsylvania Lumbermens Mutual Insurance Company
          • About
          • Why PLM?
          • History
          • Timeline
          • Leadership
          • Newsroom
          • Financials
          • Events
          • Careers
          • Quick Links

          • A Culture of Caring
          • Newsletters
            • Subscribe
            • Lumber Memo Archive
            • Producer Update Archive
  • Products & Services
        • Products & Services

        • Specialized Property & Casualty Insurance for the Woodworking and Building Material Industries
          • Products Overview
          • Who We Protect
          • Coverages
          • Business Development Representatives
          • Payment Options
          • Dividends
          • Request a Quote
          • Workers' Compensation Placement

          • Green Tree Risk Partners
          • Hardware Store Insurance Solution

          • HardwareXpress
          • Portable Sawmill Insurance Solution

          • Portable Sawmill
          • Quick Links

          • Locate a Business Development Representative
          • Stock Reporting Form
          • Interactive Protection Map
  • Claims
  • Producers
        • Insurance Producers & Brokers

        • Lumber
          • Producers
          • Producer Kit
          • Interactive Protection Map
          • Commission ACH Payments
          • Producer Portal
          • Wholesale Brokerage / Workers' Compensation Placement / Logging Program

          • Green Tree Risk Partners
  • Loss Control Center
        • Loss Control Center

        • Reduce insurance risk in the wood products and lumber industry
          • Loss Control Center

          • Loss Control Center Home
          • Loss Control Guides

          • Operations
          • Auto / Fleet
          • Fire
          • Machinery
          • Risk Management Resources

          • Safety Training Videos
          • Distracted Driving - Phone
          • Continuous MVR Monitoring
          • Portable Alert System
          • Telematics
          • Combustible Dust Solutions
          • Safety Materials
          • Additional Safety Resources
          • Protective Devices
          • Quick Links

          • Locate a Loss Control Representative
  • News
You are here: Home / Lumber Memo / Building a Strong Foundation for Cyber Risk in Lumber Business

Building a Strong Foundation for Cyber Risk in Lumber Business

June 9, 2026 by PLM

  • Share
  • Tweet
  • LinkedIn

By BJ Gardner, Assistant Vice President of Information Technology

Gone are the days when lumber business owners primarily managed their data in-house. Today, cloud platforms and software tools have blurred the boundaries of who can access a business’s sensitive information resulting in not just third-, but fourth- and fifth-party cyber risk exposures. In short, your lumber business’ data is likely now part of a much larger, interconnected ecosystem and as a result, exposed to commercial cyber risk.

Fortunately, business owners don’t have to be too tech savvy to take steps to protect their business from a cyber event.

A Look at the Risk

While the cyber risk landscape has expanded for business owners in lumber and elsewhere with more sophisticated attacks, two fairly simply cyber threats continue to produce the most insurance claims in our space.

Phishing attacks continue to be the primary entry point for bad actors, in which bad actors pose as a member of the lumber business requesting funds or sensitive information to access a system. Such attacks are becoming more sophisticated with the use of AI, including voice-based impersonation attempts.

Second, the application of ransomware to company systems continues to drive claims in our space. With ransomware, bad actors gain access to a company’s data through malicious software known as “malware”. Where bad actors once simply encrypted the data and restricted a company’s access to it, they are now immediately threatening to release sensitive data to the public.

Whether an international financial services company, a major retailer or neighborhood lumber and building material facility, your business is at risk. Cyber risk is not just a technical issue. It’s a business-wide concern that requires consistent attention.

Prevention Measures Needed for an Effective Cyber Program

As cyber risks continue to evolve, lumber and building materials businesses need a more sophisticated cyber program. From employee training to vendor oversight and response planning, the following strategies can help organizations strengthen defenses and reduce exposure across the business:

  • Vendor relationships: Establishing clear expectations with vendors. Share security questionnaires and contract requirements. Completed vendor questionaries and contracts allow business owners to understand how partners store, access and protect sensitive information, while also creating accountability around security expectations before a relationship begins.
  • Training: Ongoing employee cyber risk mitigation training is one of the most impactful investments a lumber and building material business owner can make when it comes to protecting their business from cyber risk. When employees can recognize suspicious activity and respond appropriately, they become a critical line of defense against cyber risk rather than a point of vulnerability. Over time, repetition and reinforcement help build a stronger security culture across the organization. Employee cyber training, such as phishing tests, should be held on a monthly, if not a weekly basis. This will give companies an idea of employee awareness and draw attention to team members who may need additional training or gaps in their training program.
  • Additional layers of protection: Regular vendor reviews, penetration testing and cyber risk assessments all play a role in identifying weaknesses before they are exploited. Just as important is preparing for the moment your lumber business does experience a cyber event. Tabletop exercises and disaster recovery testing ensure that teams understand their roles and can respond quickly to limit disruption. Additionally, organizations should also implement continuous system monitoring, multi-factor authentication (MFA) and conditional access policies to help block unauthorized access before it reaches critical systems.

Business owners in the lumber space with the most effective programs will adopt a mindset of continuous verification. Approaches like zero trust, along with tools such as multi-factor authentication and conditional access controls, focus on validating every user and every connection before access is granted.

This shift reflects a broader truth about cybersecurity today in our industry and others. There is no single solution. Instead, resilience is built through a combination of awareness, discipline and layered defenses that evolve alongside the threats.

This is also a good time to remember that your team at PLM can serve as valuable partners in helping your business evaluate cyber exposures and identify gaps in your prevention measures. We can also help your organization better understand emerging risks and support stronger cybersecurity planning across the business.

Lumber Memo: Issue 2 – 2026

IN THIS ISSUE:

  • President’s Commentary
  • Protecting LBM Businesses from Construction Defect Claims
  • 2026 Hurricane Forecast: A Milder Forecast Doesn’t Reduce Risks
  • Commitment to Service: Meet the Faces Behind PLM’s Claims Management Team
  • Building a Strong Foundation for Cyber Risk in Lumber Business
  • A Guide to Succession Planning: Protect the Future of Your Lumber Business
  • Spotlight On PLM: Dividends, Leadership, A.M. Best

PREVIOUS:

Commitment to Service: Meet the Faces Behind PLM's Claims Management Team

NEXT:

A Guide to Succession Planning: Protect the Future of Your Lumber Business

Filed Under: Lumber Memo

Pennsylvania Lumbermens Mutual Insurance Company
One Commerce Square
2005 Market Street, Suite 1200
Philadelphia, PA 19103

Toll Free: 1.800.752.1895
Fax: 215.625.9097
CustServ@plmins.com

              
  • About
  • Products & Services
  • Claims
  • Producers
  • Loss Control Center
  • Blog
  • Careers
  • Newsroom
  • Contact Us

PLM wood products insurance logo
Subscribe to our newsletter
  • Legal
  • Terms and Conditions
  • Privacy Policy
  • Accessibility Statement
  • Sitemap
  • Cookie Policy
© PLM. All Rights Reserved.

PLM
Manage your privacy
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Statistics

Marketing

Features
Always active

Always active
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
Manage options
  • {title}
  • {title}
  • {title}