The 4 Biggest Cybersecurity Threats to Real Estate
In the wake of 2018's truly historic data breaches, you may have noticed cybercriminals love government agencies, hospitals, and large trade corporations. And while these breaches garner the lion's share of media attention, other vulnerable industries tend to be overshadowed. Real estate, has been glossed over despite one in three firms experiencing a cybersecurity event in the last two years. That is an alarming percentage and suggests 2019 will draw even more attention from cybercriminals. So which weaknesses are they exploiting? Here are the four biggest:
Data on Offer
After looking at reports from 2018, researchers have found that the largest threats are:
- Business Email Compromise (BEC). Perhaps the most common threat, BEC scams occur when cybercriminals use fake accounts to initiate wire transfers. They often pose as escrow agents, contractors, or third-party vendors the real estate company works with. The frequency of wire transfers in real estate makes this threat particularly pernicious, as it can be difficult for employees to assess the legitimacy of requests. The FBI estimates that fraudulent transactions cost the real estate industry $969 million in 2017.
- Third Party Vendors. Real estate companies have highly collaborative supply chains that necessitate third party vendors. Whether these vendors are providing cloud services or property listings, they are constantly exchanging valuable data with other businesses. Unfortunately, this means that if their security standards do not match those of their partner companies, there could be severe consequences.
- Internet of Things (IoT) & Building Automation. Real estate management companies have become increasingly reliant on smart home technologies. Buildings are outfitted with intra-connected security systems, HVAC, and property management software. Unless these systems are regularly patched and updated, they remain susceptible to ransomware and exploitation.
- In-House Data Management. At present, there is no federal standard that governs how real estate businesses implement their security programs. Without a regulated baseline, many companies have constructed patchwork security infrastructures that feature poorly integrated tools and applications. Disparate systems also make it more difficult to track, store, and adequately secure data, which creates compliance liabilities.
Agents of Change
Fifty percent of real estate companies believe they are not adequately prepared to prevent, or mitigate the consequences of, a cybersecurity event. Fortunately, there are many steps you can take to begin the journey to a more secure infrastructure. Consider:
- Creating data backup strategies and disaster recovery policies
- Implementing anti-malware protection and multi-factor authentication
- Ensuring routine patching and updates on building management systems
- Reviewing your vendor's security, and implementing exchange alerts before wire transfers are approved
iCorps' experts have a deep bench when it comes to serving the needs of the real estate industry. We understand the nuances of a highly distributed workforce, collaborative supply chains, and keeping your client data safe. If you are looking to transform your real estate business with enterprise managed security, contact an iCorps technician today.