By Zafar Khan
In the past, for individuals and small businesses, cybersecurity was important to mitigate the inconvenience of spam, viruses that required restoring back-ups of corrupt files, and letters to credit bureaus to clear up identity theft issues. While painful, the cost of these was generally in the hundreds of dollars and perhaps a few hours of inconvenience.
Today, we see a convergence of trends that is changing the dynamics of cyber security for those in the integrated real estate sector.
- Consumers and real estate service providers have become habituated to the convenience of online services and apps which require a low level of user sophistication.
- With increasing volumes of high value transactions exchanged through electronic channels, Internet criminals are coming up with new ways to intercept the communication or deceive the parties involved, such as researching a target’s contacts and background in sites such as LinkedIn, where they can identify real business relationships and pose as one of them. (See recent article: Business Email Compromise.)
- Regulators are focusing on protecting consumer information by enacting cyber security regulations and outsourcing audits, increasing the stakes for regulated industries (i.e. realtors, lawyers, title insurance, settlement and escrow agents, lenders, accountants) that may be susceptible to a security breach.
- In the past, Internet criminals were expert “marketers” who would purchase email addresses, set up internet domains to pretend to be a real company, and then they would bombard users with carefully written emails selling familiar consumer products. Today, hackers and Internet criminals are far more sophisticated, and are willing to invest more time to research their individual targets. As a consequence, according to the FBI, cyber fraud losses per incident average $6,000 per individual and $130,000 per business, with $1.2 billion reported stolen in the last year.
- If one is encrypting “for compliance”, one might want a service that is secure enough to protect the information in transit (with no storage in the middle). By contrast, if one is looking to protect strategic interests, one might consider email encryption services that maintain the simplicity of use, but yet keep the messages encrypted in transit and within the sender archive/sent folder as well as the recipient archive/inbox. This protects the sender’s strategic interests such that these messages remain private far into the future regardless of a future breach, and content cannot be culled by the recipient’s email platform while it sits in his or her inbox (i.e. Gmail, Hotmail, Yahoo). Consider common email encryption methods and the basics as to what encryption is, in simple terms.
For individuals and small businesses, today’s challenge is to maintain the simplicity of digital communications and transactions, while increasing the protection against these new cyber risks. Armed with just a little more knowledge, users can reduce their exposure to today’s “hacker gold rush.”
Zafar Khan is CEO of RPost. He can be reached at email@example.com. Khan will speak more in depth about this topic during a session titled "Uncrypting the Encryption Options" at ALTA's Annual Convention. Click here to register.