03.02.21

Cybersecurity on the Front Lines of Multifamily Housing

Media

By: Jeffrey Kok, Chief Innovation Officer and Chief Information Officer


“Securing apartment community networks involves more than just phishing tests.

As onsite processes become increasingly digital, multifamily housing organizations have focused more and more on cybersecurity in recent years. Companies are taking cybersecurity more seriously at the board level as investors have pushed for more stringent data-privacy measures, and many of the practices are funneling to the site level, especially with the emergence of the Internet of Things (IoT).

But significant gaps remain in the industry’s grasp of cybersecurity and data privacy effectiveness and how to improve it. That is regularly evident in the incomprehensive contracts written throughout the industry by different providers. In addition, 80 percent of observed cyberattacks used vulnerabilities reported and registered in 2017 and earlier, according to data from Entrata. More than 20 percent of the attacks exploited vulnerabilities that are at least seven years old.

While the industry has taken steps to promote cybersecurity awareness in several areas, particularly regarding phishing attacks and ransomware, a large part of the shift has been reactive. For instance, when new legislation is introduced—such as the California Consumer Privacy Act (CCPA)—companies are only then more likely to focus on how their data privacy and cybersecurity practices are being upheld.

As 2020 brought a host of new threats from opportunistic infiltrators, many organizations don’t yet have a comprehensive understanding of contract law and the company’s obligation to further secure data. Legal teams are helping to bring awareness to existing and forthcoming threats, but it remains in the early stages in the apartment world.

Following is a look at the current state of cybersecurity in multifamily housing and what the industry can do to better protect itself from cyberattacks that could lead to costly data breaches.”

Full article by Jeffrey Kok can be found here.