Online security

What do agents need to know?

With the threat of cyberattacks against agencies rapidly increasing, cybersecurity and maintaining cyber resilience has never been more important for agencies to protect themselves and their clients, and to maintain trust between all parties. But how widespread is the threat of cyber attack? The answer is quite harsh. So here’s what officers need to know, both about the threats and what can be done to mitigate them.


Cyberattacks are becoming more frequent


In 2021, two in five companies (39%) reported experiencing cybersecurity breaches or attacks, according to the government’s 2021 Cybersecurity Breaches Survey, and among companies that identify breaches or attacks, more than 27% have encountered these problems at least once. one week.


This is a significant problem for small businesses in particular, with insurers Hiscox reporting that a small business in the UK is successfully hacked every 19 seconds, with companies of this scale facing around 65,000 attempts cyberattacks every day, of which approximately 4,500 are successful.


Naturally, being affected by a cyberattack is hugely damaging to consumer trust, especially when their personal data is at stake. According to such a study by Atomik Research, 33% of UK organizations said they lost customers of a data breach, and a study by Forrester put that even higher, their survey revealing that up to 38% of UK businesses said they had lost business due to security issues.


When this issue comes back to consumers themselves, the potential impact is quite noticeable. A study by PCI-PAL, a secure payments provider, found that 44% of UK consumers say they would temporarily stop spending with a company after a security breach, and 41% of consumers said they would not. would ever return to a company after a breach. This only serves to demonstrate how maintaining poor data security practices can have a serious impact on a company’s bottom line.


It’s not just the loss of client and business confidence that agencies should be afraid of. Failure to report a breach can result in steep penalties, with the UK-GDPR and DPA 2018 setting a hefty fine of £8.7m or 2% of annual worldwide turnover – whichever is greater – for breaches.


Technological challenges require technological solutions


Many companies still don’t have adequate cybersecurity measures in place to protect against hacks or data breaches, and it’s not just large companies that face security threats (and many don’t). still do not have adequate cybersecurity policies), but also small and medium enterprises too. Such dangers to our industry are becoming more prevalent.


According to the government’s 2021 Cybersecurity Breach Survey mentioned above, only three in 10 companies (31%) have a business continuity plan that covers cybersecurity, and only a quarter of companies (23%) have business continuity policies. cybersecurity that cover working from home. – this figure rises to 62% among medium-sized companies and 72% among large companies.


With the growing interest in working from home or hybrid working options among businesses, including agencies, a significant growing risk comes from the use of personal devices such as cell phones or personal computers to perform professional tasks. According to the government survey, when it comes to using personal devices for work, only 18% of companies have policies that cover the use of these devices for work, with this figure rising to 53% for medium enterprises and 66% for large enterprises. .


These statistics only serve to demonstrate the magnitude of the cybersecurity challenge that many agencies still face. Consumer trust is based on the principle that we can take care of their privileged data and information. This means real estate and PropTech companies need to double down on their security initiatives and infrastructure in 2022 to ensure they are as protected as possible from the danger of a breach.


Agencies should first and foremost consider the security initiatives in place within their CRM to build their cyber resilience – this is especially important with more and more agencies using multiple third-party integrations and applications which could make them vulnerable to cyber attacks.


A secure CRM must offer a number of fundamental security infrastructure initiatives for user logins and data processing, such as vendor-authenticated security credentials, single sign-on with multi-factor authentication, encryption of data at rest and in transit. Partnering with a CRM provider that offers a managed service provider also brings its own benefits for infrastructure and security – outsourcing responsibility to one provider means agencies can rest easy knowing that the provider centralizes and secures the management of their data through a single system, which means fewer doors for a hacker to navigate.


Having a greater scope of endpoint security protects an agency’s critical systems, client data, and employees themselves from all kinds of phishing, malware, ransomware, and other cyberattacks . With the threat of severe penalties looming over agencies if they fail to maintain their security, partner with a vendor that can offer the security infrastructure at scale (and scalability) for every size of agency. means peace of mind that if something goes wrong, the system in place will be sufficient to mitigate any damage as much as possible.


I have always believed that technology is a game changer that brings with it distinct benefits and growing dangers in the form of cyberattacks and data breaches. Agencies need to be prepared for these dangers, because the threats are very real, and so are the penalties.


Fortunately, the security infrastructure that currently exists is just as strong and improving day by day. Agents who want to secure their data and protect their business should ask their CRM provider what can be done to protect it.


*Mark Armstrong is Group Managing Director at Reapit