Cyber Risk in the CRE Industry
Technology has brought a number of improvements to the CRE industry. Among many other benefits, technology has allowed companies in the industry to upgrade their data analytics software, lead management systems and offer a better service to their clients through innovations, such as virtual tours and quick access to market data. Likewise, commercial buildings, such as offices and industrial estates, often employ a number of highly sophisticated tech solutions to improve the usability and sustainability of their buildings. While these solutions offer a number of benefits to tenants, brokers and landlords alike, such systems can be vulnerable to cyber attacks.
To prepare for attacks, companies need to develop a multifaceted approach to their cyber risk management.
The Cyber Risks
Theft of sensitive information. Theft and data breaches can have a significant impact on businesses and individuals alike. For business data breaches impact an organization’s reputation and financial bottom line – corporations who experienced data breaches often are associated with the breach itself (rather than its product or services). Similarly for individuals, data theft can give hackers access to anything from social security numbers, to addresses and other personal information.
Damage to infrastructure. Hackers wanting to stop a business’s operations, could try to hack the sophisticated technology solutions, such as lighting and cooling systems, to damage offices and industrial spaces.
Intrusion of financial databases. Attackers can also steal important financial info from organizations and their clients. This can include details about companies revenues, or credit card numbers and bank information.
Manage your Cyber Risk
Develop a cyber risk management strategy. Organizations should develop teams and roles responsible for cyber risk management. These teams and individuals will be able to create and be accountable for implementation and improvement.
Educate your employees. Get employees to undertake education programs, simulations and tests to help them understand the potential implications and risks of attacks, as well as how to prevent them.
Develop policies. Policies and frameworks support the management and implementation of any effective strategy. The cyber security team should create a gap analysis of the current state of security and work to patch those gaps by adopting leading practices.
Invest in implementation. All of the strategic elements listed above will require some investment. An organization should assign a budget to effectively manage their cyber security, whether they’re a big corporation or a start-up.
This blog is based on Deloitte’s ‘Evolving cyber risk in commercial real estate. What you don’t know can hurt you.’ View the pdf here.