Cybersecurity, data and privacy are a key concern for real estate agencies, according to a recent REIA report, prompting calls for business owners to consider their cybersecurity and cyber response plans.
With vast amounts of sensitive information stored on their systems, real estate agencies have become an attractive target for cybercriminals in Australia.
With many agencies experiencing breaches that have resulted in significant financial damage and the average cost per cybercrime incident costing small businesses $39,000 last year, cyber risk expert Jane Mason says real estate businesses need to consider how they’ll protect themselves from the growing risk of cybercrime.
“Cybercrime has always been a moving beast… The threats a year ago are different from today and they will likely change again in another 12 months,” Ms Mason, Head of Product, Channels, and Risk at business insurance service BizCover, said.
“The challenge for business owners is to know what the risks are and know how to prevent and protect against an attack and its consequences.”
The ‘big guys’ myth
With attacks on massive companies dominating the headlines, it’s easy for small agencies to think they are not the targets and that cybercrime only happens to the big guys.
“You should be more worried because these massive companies are being so easily hacked,” Ms Mason said.
“Cyber attacks are increasingly shifting towards smaller businesses as they are exposed as easier targets,” Ms Mason said.
“Many lack dedicated IT staff and fail to identify the weaknesses in their systems, leaving them vulnerable to attacks.”
Protecting against cybercrime and its consequences
With so much risk about, real estate agencies are increasingly looking for ways to lock the digital doors to their information.
Ms Mason urged for a dual approach when developing a business cybercrime plan – recommending cybersecurity (to safeguard against cyber threats) and cyber insurance (to protect against the consequences if a cyber-attack occurs).
“We strongly encourage SMEs to adopt best practice cybersecurity practices,” she said.
Here are six top tips for cybersecurity Ms Mason hopes real estate businesses adapt:
- Updates – Ensure software updates and patches are done as soon as possible.
- Secure data encryption – Ensure that data is encrypted using an encryption code that only authorised people can access.
- Upgrade devices if the manufacturer has discontinued support for the software.
- Create a security policy that requires all devices to use a high-quality VPN and antivirus protection.
- Encourage strong password habits – To promote better cybersecurity practices, enforce strong user credentials and multi-factor authentication.
- Educate employees on security practices and how they can avoid data breaches
The importance of Cyber Liability insurance
It’s important to remember that good cybersecurity practices are the first – and not the only – line of defence.
“Sometimes hackers can get through no matter how much you implement cybersecurity and you will need to consider how you will deal with the financial and reputational consequences,” Ms Mason said.
Not only would the agent have to deal with the cost of recovering the data and investigating the attack, but they would likely need to account for business interruption costs and the expense of bolstering cyber defences.
Then there is the cost of dealing with the PR fallout and the potential of being liable for fines and legal costs associated with the victims of the attack.
All of this would likely be on them to pay as they didn’t have Cyber Liability insurance.
But when you have Cyber Liability insurance, you have an incident response team ready to help manage the situation and provide support when needed.
Your Cyber Liability policy could cover you for a whole bunch of expenses, including:
- data breaches including theft or loss of client information
- network security breaches
- business interruption costs
- forensic investigation into the cause or scope of a breach
- data recovery costs
- cyber extortion
- crisis management costs (to protect or mitigate damage to your businesses reputation resulting from a cyber event)
- loss and legal costs, including fines and penalties resulting from a third party claim for data or network security breach against your company.
“Without a Cyber Liability policy, that extensive list may fall on you,” Ms Mason said.
The bottom line
The risk of cybercrime to the real estate industry has been there for a while now but now agents are catching on.
While REIA has announced it wants to address the problems of cybercrime within the industry, it’s still a work in progress.
It’s ultimately the responsibility of the business owner to implement a cybersecurity and cyber response plan.
“While risk mitigation is important, sometimes things can slip through,” Ms Mason said.
“Ensure your real estate business is covered against the expense and legal costs associated with data breaches before your data is going once, going twice, sold… to malicious third parties.”
This information is general only and does not take into account your objectives, financial situation or needs. It should not be relied upon as advice. As with any insurance, cover will be subject to the terms, conditions and exclusions contained in the policy wording. © 2023 BizCover Pty Limited, all rights reserved. ABN 68 127 707 975; AFSL 501769