Connect with us

Hi, what are you looking for?

The Real DailyThe Real Daily

Real Estate Brokerage

Cybersecurity is not just an ethical responsibility but a legal one

Business leaders are responsible for their cybersecurity policies and actions, but now more rules and regulations are on the way.

Glasses in front of code on computer representing cybersecurity

Cybersecurity may often be an afterthought at your brokerage or business, but ensuring your team’s safety is not only ethical but soon-to-be a necessity by law.

In an Aug. 29 article from 2022, Harvard Business Review reported that cybersecurity regulations are coming. Instead of just abiding by the recommended actions, businesses will be responsible for taking care of security risks.

In 2021, 36 states enacted new cybersecurity legislation. Most of that legislation deals with privacy; however, reporting threats is also covered in some legislation, and as we learn how to deal with threats, more rules are coming.

Right now, most cybersecurity threats are not required to be reported unless private information like names and credit card numbers are stolen. That’s why you hear about companies falling victim to huge ransomware attacks after the fact instead of while the attack is ongoing.

The Republican Policy Committee reports that fewer than 25% of data breaches are reported. The average length of time it takes to identify and contain a breach is 287 days. The average ransomware breach is $4.6 million and 80% of breaches are discovered and disclosed by an external party. Other organizations say the number is smaller, but what’s clear is no one knows exactly how much is at risk rat this time, and states are telling businesses that has to change.

Right now companies need to get proactive.

Companies subject to SEC regulations need to make sure they have processes and procedures in place to address breaches quickly. Quickly is where many companies are falling down on the job.

Ransomware policies need to be up to date. Some states are making it illegal to pay ransomware attackers. Harvard Business Review tells companies to look at their ransomware policies to see if changes to current cyber insurance policies need to be addressed.

Make sure you have a ‘Software Bill of Materials’ with properly vetted sources for software and software bundles. Not knowing you introduced a vulnerability won’t be an excuse. Companies need to know.

States are telling businesses they need to get their cybersecurity houses in order. Governments both local and abroad are moving in a direction that will place blame squarely on business owner shoulders if the vulnerabilities are not addressed.

Mary Beth Lee retired from teaching in Texas this year after 28 years as a student media adviser. She spends her time these days reading, writing, fighting for public education and enjoying the empty nester life in Downtown Fort Worth.


The Daily Intel
in your inbox

Subscribe and get news and EXCLUSIVE content to your email inbox.



Real Estate Technology

Autofill settings in browsers can be susceptible to phishing scams where websites can acquire personal information.


(POLITICS) ICE and CBP refuse to be forthcoming about their use of surveillance technology even as invasive as it is. The ACLU is not...

Real Estate Technology

(TECH NEWS) Your company is basically saying "come and take it" without cybersecurity training or procedures in place - here's where to start and...

Real Estate Technology

(TECH NEWS) The hackability of the IoT leaves device owners open to security breaches, but there could be a major revolution in cybersecurity if...


The Real Daily is honest, up to the minute real estate industry news crafted for industry practitioners - we cut through the pay-to-play news fluff to bring you what's happening behind closed doors, what's meaningful to your practice, and what to expect in the future. We're your competitive advantage. The American Genius, LLC Copyright © 2005-2023