RealFoundations Provides Cybersecurity Insight During Live Webinar
March 2019 - Dallas, TX — On Thursday, March 14th, Realcomm hosted a live webinar titled Cybersecurity for Commercial and Corporate Real Estate | Developing a Sound Strategy. Moderated by Realcomm CEO Jim Young, the list of panelists included:
David Sulston | National Director of Security, Oxford Properties;
Charles Meyers | Chief Technical Architect, Wells Fargo - Corporate Property Group;
Lauren Stokes | Director of Managed Services Technology, RealFoundations;
Marc Petock | Chief Marketing & Communications Officer, Lynxspring;
Anne Hardy | Chief Security Officer, Join; and
Sri Rajagopal | Chief Technology Officer, IoTium.
Below is a recap of the webinar. You may access the full webinar on Realcomm’s website by clicking here.
Developing a Sound Strategy
Jim Young opened the discussion by detailing the RECC (Real Estate Cyber Consortium) group, which is said to be the foundation of all conversations that are currently happening about cybersecurity within the industry. The mission of this group is to elevate awareness across the real estate community, improving security preparedness for buildings and facilities while aligning development, deployment and ongoing support of building technology solutions to a core set of security principles and standards.
Kicking off the panelist portion of the webinar, David Sulston presented the threat landscape of cybersecurity, highlighting the technical components such as chips, edges, communications mediums and software, as well as the human components such as manufacturers and integrators. Charles Meyers’ presentation stressed that from a risk perspective, it is important to take a broad approach when identifying all vulnerabilities that exist within a real estate company. Doing so requires the creation of a program addressing the asset lifecycles, including all relevant stakeholders early on, in order to ensure that practices follow policies that align with the potential risks.
Lauren Stokes of RealFoundations discussed in detail the current cybersecurity landscape and its evolution over time. Historically, the largest corporations were the biggest targets of security breaches. However, over the last few years, RealFoundations has seen several attacks on the corporate real estate industry, specifically. Many cyber criminals have been targeting smaller businesses, as they may be easier to penetrate and are likely to be more vulnerable. Lauren drew contrast between the common attack scenarios, breaking them down into brute force, which consists of various combinations of usernames and passwords to gain access to accounts, and ransomware, which involves the compromising of credentials, giving the attacker access to all files while holding for ransom.
An approach to mitigating cybersecurity risk was also presented, which includes (but is not limited to):
Securing the technology perimeter by hardening networks and infrastructure
Instituting policies and procedures that cover passwords, patch management, mobile devices, etc.
Educating employees and incorporating targeted training and ongoing phishing tests
Developing a cybersecurity strategy which includes the above components should be a priority for every real estate enterprise today.
Following RealFoundations’ presentation, Marc Petock emphasized how the emergence of Smart Buildings has created an ability for owners and operators to leverage technology to deliver a better performance and increased asset value for tenants, more than ever before. However, with this has come increased cyberattack risks and it has opened new opportunities for hackers to disrupt businesses…
Anne Hardy with Join also highlighted the evolution of IT in Commercial Real Estate and its impact on security. There are many benefits to moving the ownership of secure internet-enabled buildings, such as an increased physical security, unified access control, surveillance, device profiling and built-in cyber threat detection…
Final panelist, Sri Rajagopal of IoTium, wrapped up the speakers’ dialogue by emphasizing the evolution, growth and maturity of cybercrime and discussed some of the most vulnerable areas. These include the lack of encryption, password complexity, lack of data isolation, lack of visibility and application vulnerabilities. He suggested that the first thing to do, if you are responsible for protecting your real estate company with no formal policy currently in place, is to unify remote access, including your vendors, in order to gain an instant advantage in protecting yourself.
Following the panelists’ presentations, Jim Young asked the panel to describe the most challenging thing to execute in cybersecurity; most speakers focused on the need for a cultural shift within organizations. This cultural shift demands that internally, all stakeholders must take part in a commitment to becoming better trained and more knowledgeable within the realm of cybersecurity.
The session concluded with a common message from the panel… “It’s not all dark”. There is a lot of work underway amongst many organizations that are prioritizing cyber security, and while it can seem overwhelming, we must all take one step at a time to implement the most ideal strategy that works for your firm.
If you have questions or would like to speak to professionals about developing a Cybersecurity Strategy, feel free to reach out to Lauren Stokes, Director, Managed Services Technology, RealFoundations at (214) 292-7036 or Lauren.Stokes@realfoundations.net.
RealFoundations is a professional services firm focused on the real estate industry. With offices on four continents, 400+ client-serving professionals and off-shore delivery capabilities in India, RealFoundations provides Management Consulting, Managed Services and Energy Solutions to developers, owners/operators, service providers, institutional investors and corporate occupiers. From the building itself to the way it is used, operated and financed, no firm understands the inner workings of the entire real estate ecosystem as well as RealFoundations. We Make Real Estate Run Better.