5 Ways to Safeguard Your Real Estate Business
When people think of the top industries attracting cybercriminals, few will think of real estate. More often it is hospitals, government facilities, and large trade corporations that get media coverage in the wake of a hack. However, data has shown a considerable rise in interest among cybercriminals, as real estate properties become increasingly reliant on technology. HVAC, elevator, and other management systems have become automated, providing a new field of opportunities for cybercriminals. And as of 2018, one in three real estate firms had reported experiencing a cybersecurity event. So, what can you do to keep your real estate business, and properties, secure? Read on to find out.
An Open House for Cybercrime
It wouldn't be an understatement to say that most real estate firms lack the safeguards needed to thrive in 2019. A recent survey by Global Information Security found that:
- 58% of respondents lack a security operation center
- 65% do not have, or have an informal, threat intelligence program
- 91% say their cybersecurity posture fails to meet their organization's needs
Many smaller real estate companies also lack in-house expertise or a dedicated IT department. This can be a problem when you consider that the commercial real estate industry is moving toward building automation, implementation of Internet of Things (IoT) home devices, and the increased use of property management software.
Currently, Business Email Compromise (BEC) is the most common threat facing real estate businesses. Fake wire transfers, and requests from seemingly legitimate vendors or real estate sellers, have resulted in $3 billion worth of losses. These companies were susceptible to ransomware on operational and physical systems, compromising data and impeding employee productivity. Malware is a also top-three concern, targeting employee and tenant data, as well as client and user bank account holdings.
Signed, Sealed, Delivered
Keeping your real estate business safe requires a specialized strategy. Here are a few ways to help begin the process:
- Develop a wire transfer policy. Eliminate the possibility of a wire-based BEC by setting strict outlines for how transfer will be dealt with. Many of these policies simply state that wires should never be sent solely based on an email.
- Train employees. End-users are the first line of defense, but they need to know what they are looking for. Hold regular training, or refresh, sessions on common email-based attack vectors. This is also a good time to review restrictive policies, including those about wire transfers.
- Negotiate security provisions. When working with counterparties on real estate agreements, you should negotiate the terms of responsibility in the event of a BEC attack. Establish liability and terms of payment to avoid confusion and potential discord.
- Leverage tech solutions. From routine data and system backups, to cloud-based security measures, technical resources can streamline business operations and keep your employees and clients' data secure.
- Consider cyber-liability insurance. If your business is looking into a cyber-liability policy, ensure coverage for BEC scams, ransomware attacks, and unforeseen business interruption.
For those businesses looking for an even more robust security overhaul, consider what iCorps' experts have to offer. While you work to secure your client data, our technicians can help develop and implement policies covering: document retention and destruction, cyber and data security, and breach response and notification. We can also help ensure that your security infrastructure reflects your state's updated laws regarding personally identifiable information (PII), data-related business policies, and other regulated practices. For more information about the power of a collaborative security partnership, contact an iCorps technician today.