Cyber risk to the multifamily industry is often overlooked and underestimated. However, apartment firms and their third party service providers regularly collect, use and maintain sensitive financial and personal data about residents, prospective residents and employees that leave them vulnerable to cyber incidents. During last week’s 2016 NMHC Spring Board of Directors Meeting in Chicago, we released a preview of a soon-to-be-released cybersecurity white paper. The paper will provide an in-depth analysis of the challenges facing the multifamily industry and, most importantly, provide a clear road map on how to implement best practices.
Specifically, the recommendations aim to help member firms navigate the complexities of the cyber landscape and help ensure they have a reasonable information security program in place. As part of the spring meeting, a panel of cybersecurity experts also discussed the importance of a robust cybersecurity program that includes incident response, evaluation of third-party relationships, oversight and staff training.
Panelists emphasized that cybersecurity is not an IT-issue. Instead, it is an enterprise risk management issue that needs to be a C-suite priority. They also stressed that developing a cybersecurity program is not a one-time occurrence. An effective program is one that is constantly tested and refined.
The comprehensive cybersecurity white paper will be released in June and a related webinar is planned for July. In the meantime, read the executive summary here and visit nmhc.org/data-security.
- FTC Commercial Surveillance and Data Security Comment Letter
- Legislation that Creates Federal Data Privacy Standard Advances to Senate
- NMHC NAA Data Privacy Letter to Energy and Commerce Committee
- NMHC NAA Letter on Data Privacy
- Bipartisan Lawmakers Release Federal Data Privacy Bill That Would Have Impact on Multifamily Data Practices