With significant cyber security attacks grabbing headlines over the last two months, an expert enumerated the best practices real estate businesses must embrace to prevent another industry casualty.
Andrew Woodward, the executive dean of the school of science and director (interim) at the ECU Security Research Institute, underlined cyber security as an “urgent priority” for all segments of industry globally.
Speaking at the Cyber Security Forum event held on 15 November and spearheaded by the Real Estate Institute of Western Australia (REIWA), the expert cited figures from Verizon’s data breach investigation report (DBIR) 2022.
The alarming report showed 832 incidents affecting small businesses in Australia were reported this year — 130 of which involved data disclosure.
During his keynote talk, Mr Woodward shared how businesses can cover all their bases to defend against cyber threats.
For passwords — which are considered as the first line of defence against unauthorised access to a hardware and personal information — Mr Woodward called on the implementation of practices such as two-factor authentication, not using/sharing passwords, using a password keeper/generator app, and changing default credentials of the point-of-sale controller and other hardware or software.
He also called on due diligence on the prompt installation of software updates and keeping the back-up schedule consistent, with the expert emphasising the importance of maintaining off-line back-ups or those that are not connected to a computer.
Additionally, Mr Woodward reminded businesses to employ the most common and time-tested practices against cyber threats. This includes ensuring that built-in firewalls are switched on for user devices and that devices in your business have antivirus software coverage.
To have email security protections in place, Mr Woodward advised firms to ensure computers used for financial transactions are not used for social media or email and recommended the use of email services that incorporate phishing and pretexting defences.
Lastly, he advised businesses to develop a cyber security incident response plan and verify that they are working with vendors to ensure they follow the same guidelines.
For those who are on the other side of the transaction fence, Dr Woodward also suggested consumers involved in real estate dealings take precautions to protect their data, such as not clicking on links in unsolicited emails or texts and being wary of suspicious emails.
If consumers are not sure, the expert recommended verifying the source of the email with the real estate agent they are corresponding with. Most importantly, he stressed that consumers should never disclose sensitive data via email or text, including payment or banking instructions.
REIWA chief executive Cath Hart said the forum was held to provide information to members on how they can best protect their clients’ information.
“Personal data is personal for a reason. People expect it to be safe and confidential. When it’s leaked, people feel the same sense of grief and fear as when their houses are broken into.
“Our members reached out to seek our help to support them in understanding this fast-changing issue, and we are pleased to be able to engage Professor Woodward’s expertise to facilitate this,” she stated.
Ms Hart shared that REIWA is working hand in hand with the Real Estate Institute of Australia (REIA) so that the cyber security initiatives rolled out in the state can be launched via the national real estate body to other member institutes.
“Being on the front foot and self-regulating in this space is a shared objective of member institutes, so we are pleased with the strong response to today’s event and look forward to delivering more support for the industry as a result of our memorandum of agreement,” Ms Hart said.
REIA president Hayden Groves lauded REIWA for taking the lead in tackling the issue on behalf of the real estate industry and highlighted the importance of industry-based leadership when it comes to combating cyber threats.
“Real estate agencies are largely small and medium businesses, and they have been seeking support on how best to protect personal data. We know that [the] industry is taking this seriously, and that is why REIA has made this a priority for our agenda going forward.
“We’re pleased to be working with REIWA to pilot key initiatives and develop best practice guides through the partnership with ECU’s Security Research Institute,” Mr Groves said.