New toolkit to buff up industry’s resilience against cyber risks

In a bid to strengthen the industry’s protection against potential cyber threats, the REIQ unveiled that a national real estate cyber resilience toolkit is currently under works. 

Upon its rollout, the toolkit will act as a guide to plainly explain Australian privacy laws and data security requirements in the context of real estate transactions. 

It will also provide practical advice on how real estate agents can securely collect and store personal information, how to better protect against cyber attacks and how to prevent unauthorised personal information disclosures.

REIQ chief executive Antonia Mercorella said that the institute acknowledges the role that technology is now playing in the business’ operational ecosystem.

“The REIQ recognises that a number of different suppliers and technologies support the real estate sector, so real estate practitioners should not only assess the integrity of their own business’ cyber security — but extend this to the various suppliers they use as well,” she stated. 

But she pointed out that given the recent high-profile cyber attacks on various sectors, including the real estate sector, Ms Mercorella said that it is timely to “reassure the real estate community and real estate consumers that we’ll continue to support them as new cyber threats and challenges arise”. 

“To do so, behind the scenes, we’ve been working on packaging all our best practice advice and information regarding cyber resilience into a reliable one-stop-shop resource, which can be used by real estate professionals Australia-wide,” she said. 

Ms Mercorella’s statement comes on the heels of some notable cyber incidents that have taken up the headlines in recent times. 

On 3 November, Harcourts confirmed that a Melbourne City franchisee’s rental property database had been compromised by an unauthorised third-party access on 24 October.

Notably, cyber attacks on major players in other industries have also had a ripple effect on the real estate sector. The cyber hacks that hit telecommunications company Optus and Medibank in October have prompted the government to fortify its data protection policies. 

Under the new maximum penalties, real estate agents and agencies that fail to protect consumer data from scammers could face maximum penalties of more than $50 million. 

The recent developments have also prompted some industry figures, including Stockdale & Leggo chief executive Charlotte Pascoe, to call for cyber vigilance as questions mount over real estate data rights. 

To tackle this growing blindspot in the industry, REIQ stated that the toolkit would provide a series of guidelines for internal use and a checklist that real estate agencies can use when evaluating and choosing third-party suppliers and data partners.

“The toolkit outlines everything real estate practitioners need to consider when selecting and assessing a supplier, and in turn, those criteria will become the baseline for proptech to meet if they want to work with the real estate sector,” she said.  

To further beef up the toolkit, Ms Mercorella said the REIQ is looking to work with the proptech sector to develop a series of guidelines for third-party technology suppliers.

“As the peak body, we believe we have an important role to play in working proactively and collaboratively with proptechs to guide new technology so that it meets the unique needs of real estate businesses and the legislative frameworks they operate within,” she said.

Ms  Mercorella said that the institute had forged longstanding strategic industry partnerships to help agents be up to date with privacy law requirements and cyber risks.

On top of the new toolkit, the executive shared that REIQ has collaborated with AON and Securexchange to develop a short course for real estate agents on cyber security awareness, which will be available not only to REIQ members but to all industry professionals. 

“We’ve also integrated Securexchange into Realworks, the REIQ’s forms platform, which includes sales contracts used by real estate professionals, to allow parties to communicate and arrange funds transfers in a safe environment away from the dangerous eyes of cyber criminals,” she stated. 

In addition to the new cyber protection guide, REIQ will also be delivering webinars, training events, and articles to support the release of its real estate cyber resilience toolkit.

Ms Mercorella highlighted that over the years, the institute has taken up the mantle to proactively empower real estate professionals and businesses with cyber-related training as the risk of data breaches and cyber attacks continue to pose a “significant and serious” threat against businesses.  

“Through our education programs and professional development events, we have provided extensive training around privacy laws and cyber awareness and resilience,” she stated. 

As part of this initiative, Ms Mercorella pointed out that REIQ has previously developed a suite of privacy-related template policies and documents for the real estate sector.

“This is all support that has been delivered to date and is ongoing in nature to empower real estate agents to make compliant and informed decisions and to transact responsibly,” she said. 

The REIQ executive stated that the cyber resilience toolkit is yet another way that REIQ can support real estate professionals.