A cyberattack is a malicious and deliberate attempt by an individual or an organization to breach the information system of another individual or company, seeking benefit from the disruption, ransom, or theft of data – and such attacks are increasing in numbers and complexity.
Despite the rising threat, recent survey results show a surprisingly small number of agents are prepared, as most do not have a written cyber security and response plan.
A written cyber security and response plan is essential for being prepared and organized and for executing appropriate and prompt actions when an attack occurs.
The plan does not need to be complex. To be effective, it should be simple and clear and present key information. It should also be built commensurate with the size of the organization.
Key elements of the plan must include:
Perform a risk analysis to mitigate all risks, covering administrative, technical, and physical controls. Simply put, this is what could be vulnerable, what could go wrong and what is or should be done to try to avoid or contain the threat(s).
The cybersecurity program must protect the security and confidentiality of nonpublic information, protect against threats or hazards to the security or integrity of information, and protect against unauthorized access.
Define a schedule for the retention of data and a mechanism for its secure destruction when data is no longer required.
Designate an individual, third party, or affiliate who is responsible for the information security program.
Be sure existing controls are in place – access controls, authentication controls, and physical controls – to prevent access to nonpublic information. Encryption (or an alternative, equivalent measure) should be in place to secure data stored on portable electronic devices and data transmitted over an external network.
Identify and manage devices that connect to the network – a simple inventory.
Adopt secure development practices for in-house applications if applicable. Alternatively, obtain this assurance from your service provider that performs the development for you.
Use multi-factor authentication to prevent unauthorized access to nonpublic information.
Regularly test and monitor systems for actual and attempted attacks, maintain audit trails, and implement measures to prevent the unauthorized destruction or loss of nonpublic information.
Keep up-to-date on emerging threats and vulnerabilities and provide ongoing training to employees to be sure they understand existing controls and why they are important; employees must know how to recognize and report threats.
The response plan must include the following elements to be effective:
Date of the cybersecurity event.
A description of how the information was exposed, lost, stolen, or breached, including the specific roles and responsibilities of third-party service providers, if any.
How the cybersecurity event was discovered.
Whether any lost, stolen, or breached information has been recovered and if so, how this was done.
The identity of the source of the cybersecurity event.
Whether you filed a police report or notified any regulatory, governmental or law enforcement agency and, if so, when such notification was provided and by whom.
A description of the specific types of information acquired without authorization, which means particular data elements including, for example, types of financial information, or types of information allowing identification of the consumer.
Time period during which the information system was compromised by the cybersecurity event.
The number of total consumers affected by the cybersecurity event, or a best estimate.
The results of any internal review identifying a lapse in either automated controls or internal procedures, or confirming that all automated controls or internal procedures were followed.
A description of efforts being undertaken to remediate the situation which permitted the cybersecurity event to occur.
Don’t wait until an event occurs. It’s a chaotic time full of high financial and emotional stress. Do it now and give yourself the peace of knowing you are prepared.
A national survey of title agents conducted by the American Land Title Association shows that our industry has farther to go when it comes to formalizing cyber and escrow security plans.
Results of the survey also hint that the threat landscape is becoming increasingly perilous for title agents, consumers and others involved in real estate transactions.
Of the survey’s more than 750 respondents, 63 percent said the number of cybercrime attempts targeting their company increased between 2017 and 2018.
Roughly one-third of respondents also observed increases in fraud attempts targeting buyers, sellers and real estate agents over the same period.
Many title agencies have sought to combat the worsening cyber and escrow fraud threat by means of employee awareness.
More than half of respondents said their company reminds employees about the need to remain vigilant on about a weekly basis. More than 25 percent said those employee reminders are made on a monthly basis.
However, more than 20 percent of respondents reported that their company offers no training at all on cybercrime trends or red flags.
More troubling, however, is that despite the apparent increase in fraud attempts, just 62 percent of respondents said their company has a written cybercrime response plan.
Smaller agencies — those with gross annual income below $1 million — were also somewhat less likely to have formal cyber response plans, wire retrieval plans or training programs than were larger agencies.
Survey results also show that cybercrime insurance coverage among title agents of all sizes is not as prevalent as one might expect given the apparent increase in fraud attempts. More than 27 percent of respondents said their company does not currently have a cybercrime insurance policy.
While most industry participants have made strides when it comes to protecting escrow funds and sensitive information, the survey clearly shows that gaps remain.
The survey also provides an opportunity for all of us to redouble our efforts, particularly when it comes to formalizing cyber response plans.
To help, we’ll be posting a blog series in the coming weeks that will provide simple, actionable tips for improving and formalizing response plans, as well as plans for wire retrieval and staff training.
We’ll also talk about the importance of cyber insurance and provide insight on how to get the right coverages for your business.
In the meantime, check out the growing library of cyber fraud resources on the Alliant National Education page. Alliant National agents can also watch our brand new Texas Continuing Education webinar on information and escrow security.
Cyber insurance is now critical to help protect your business.
Cyber attacks are becoming more frequent, clever and complex. Cyber insurance is now critical to help protect your business from major expenses, business loss, and regulatory fines and penalties.
General liability umbrella policies typically do not cover cyber events (Target’s insurance policy only covered 36 percent of its $252 million data breach costs).
This insurance comes in many different variations and costs, so it is important to know what product works best for you, considering and balancing coverage and cost.
Four key elements comprise essential coverage to protect against data breach and loss of customer data:
E&O
Liability
Network Security
Privacy
What is most important is that both cyber-crimes and liability are included in your coverage.
The policy may be a standalone policy or a rider on your existing policy. Always buy the most comprehensive coverage available that you can afford.
Here is why that is so important:
Broad coverage includes both first and third-party coverage. First party only covers your business, while third party will cover the claims against you from customers or clients as well as related damages and court costs.
The below comparisons show why you need both cyber-crimes and cyber liability coverage:
| Event | Liability Coverage | Crime Coverage |
| --- | --- | --- |
| Loss of funds (escrow and operational, personal) due to social engineering and electronic fraud or theft | No | Yes |
| Fraudulent electronic transfer or diversion of funds | No | Yes |
| Employee electronic theft | No | Yes |
| Forgery | No | Yes |
| Cyber extortion (ransomware) | No | Yes |
| Data breach expenses including legal costs, fines or penalties | Yes | No |
| Loss of assets and loss of business income | Yes | No |
| Recovery of systems and forensics; reputational damages | Yes | No |
| Economic damages through network security failure or failure of privacy controls | Yes | No |
Consult with your insurance carrier for specific coverage offerings and cost, and weigh the decision that is right for your business and budget.
Remember, the broadest form of coverage will best protect you and your business, so while it may be more expensive, your business will be better protected against the risks we face in today’s business environment.
The Internal Revenue Service and Security Summit partners recently issued a warning about the surge of fraudulent emails impersonating the IRS and using tax transcripts as bait to entice users to open documents containing malware.
The scam is especially problematic for businesses whose employees might open the malware because the software can spread throughout the network and potentially take months to successfully remove.
Known as Emotet, this malware generally poses as specific banks and financial institutions in its effort to trick people into opening infected documents.
In the past few weeks, the scam masqueraded as the IRS, pretending to be from “IRS Online.” The scam email carries an attachment labeled “Tax Account Transcript” or something similar, and the subject line uses some variation of the phrase “tax transcript.”
These clues can change with each version of the malware. Scores of these malicious Emotet emails were forwarded to phishing@irs.gov recently.
The IRS reminds taxpayers it does not send unsolicited emails to the public, nor would it email a sensitive document such as a tax transcript, which is a summary of a tax return. The IRS urges taxpayers not to open the email or the attachment.
If using a personal computer, delete or forward the scam email to phishing@irs.gov.
If you see these emails while using an employer’s computer, notify the company’s technology professionals.
Reprinted with permission from the American Land Title Association.
Tracey Webb, a Senior Vice President and Southeastern Region Agency Manager for Alliant National, has 30 years of title industry experience and is based in Atlanta
LONGMONT, Colo. – Alliant National Title Insurance Company (Alliant National) recently announced that Senior Vice President and Southeastern Region Agency Manager Tracey Webb, a title industry leader for over three decades, received the National Title Professional (NTP) designation from the American Land Title Association.
The American Land Title Association advises that the NTP designation is designed to recognize land title professionals who demonstrate the knowledge, experience and dedication essential to the safe and efficient transfer of real property.
“Tracey is a very accomplished, professional and highly regarded title insurance industry executive,” said Kyle Rank, executive vice president, agency, Alliant National. “Meeting the NTP designation’s stringent standards and criteria is further proof of her dedication to our independent agents’ success.”
Webb, who graduated from Texas A&M University with a Bachelor of Business Administration, is also a Certified Public Accountant and is responsible for Alliant National’s agency group in the southeast.
“Advancing our industry through education and professional standards helps us all,” Webb said. “I look forward to continuing using my skills to serve our independent agents.”
The Independent Underwriter for The Independent Agent®, Alliant National believes in putting other people first. The company protects the dreams of property owners with secure title insurance and partners with 450+ trusted independent title agents as a licensed underwriter in 24 states and the District of Columbia, with annual revenues exceeding $120 million. Visit alliantnational.com/newsroom for additional information.