Lawmakers in both the House and Senate announced plans to bolster cybersecurity disclosure requirements for public companies. Publicly traded multifamily firms are already required to report their cybersecurity posture to the Securities and Exchange Commission (SEC), yet this proposal would take it a step further.
Under the proposed bipartisan legislation sponsored by Senators Jack Reed (D-RI) and Susan Collins (R-ME) and Congressman Jim Himes (D-CT), companies would be required to disclose whether any members of their boards of directors have cybersecurity expertise — and if not, why not. The legislation would simply be a reporting tool and would not impose any additional requirements on the company.
Congress continues to grapple with a series of high-profile data security and privacy breaches in the private sector that has compromised the personal information of millions of Americans. Aside from considering possible federal standards that would govern data security, breach notification and consumer privacy, it is increasingly looking at the role of the private sector in boosting the nation’s cybersecurity readiness.
NMHC and NAA provide a variety of resources to help secure a firms’ data and bolster its overall cybersecurity posture. These resources can be found at www.nmhc.org/data-security. Example resources include an industry white paper/guidance document on cyber security best practices, valuable cybersecurity tools from the Federal Trade Commission, and a sharable guide to “Social Engineering Red Flags” that can help educate employees about cyber pitfalls.
Additionally, NMHC works with the Real Estate Information Sharing and Analysis Center (RE-ISAC) to distribute regular email alerts of malicious cyber activity that could impact multifamily firms, their data or residents.
NMHC members can sign up for the cybersecurity notification system to learn of real-time cyber threats.