Cybersecurity concerns continue to drive conversation in Washington as a number of recently revealed high-profile data breaches have been shown to have left millions of Americans’ sensitive, personal information exposed to cyber thieves.
Bipartisan outrage about lax security practices and poor notification procedures has led policymakers to hold a series of hearings that have been aimed at identifying legislative solutions that bolster security requirements for consumer data-intensive industries and businesses that, like apartment firms, use, collect, and maintain sensitive consumer data. While no consensus about a legislative path forward has yet been determined, lawmakers agree that more must be done to bolster cyber defenses across all sectors.
This past week, the Federal Trade Commission (FTC) issued new guidance for small businesses on cybersecurity preparedness. While aimed at small businesses who may lack resources or in-house knowledge, much of the guidance would be of benefit to apartment firms of all sizes and is worthy of review. Given the ever-expanding cyber-threat landscape, this is the exact type of guidance NMHC/NAA has called for the federal government to provide.
The guidance ranges across 12 topics covering everything from Cybersecurity Basics to understanding the National Institute of Standards and Technology (NIST) Cybersecurity Framework to Vendor Security. The guidance provides clear, actionable advice from across government, including the FTC, NIST, the Department of Homeland Security and the Small Business Administration (SBA).
NMHC/NAA provide a variety of resources to help secure a firms’ data and bolster its overall cybersecurity posture, which can be found at www.nmhc.org/data-security. Example resources include an industry white paper/guidance document on cyber security best practices, valuable cybersecurity tools from the Federal Trade Commission, and a sharable guide to “Social Engineering Red Flags” that can help educate employees about cyber pitfalls.
Additionally, NMHC works with the Real Estate Information Sharing and Analysis Center (RE-ISAC) to distribute regular email alerts of malicious cyber activity that could impact multifamily firms, their data or residents.
NMHC members can sign up for the cybersecurity notification system to learn of real-time cyber threats.