Posts Tagged ‘#nationalcybersecurityawarenessmonth’

CISA 2024 cybersecurity awareness month photo

What Title Agencies Should Know This Cybersecurity Awareness Month

Use this year’s spooky season to assess your strategies and ward off the specter of cybercrime.

For many people, October is associated with ghosts, goblins, tricks and treats. But for those involved in IT, it represents something equally scary: the unpredictable cybersecurity landscape facing businesses today. You see, October is Cybersecurity Awareness Month, and it’s the perfect time for title agencies to reassess their digital defense strategy. Let’s review some top priorities and best practices to ensure your strategy is working as efficiently as possible.

The undeniable importance of cybersecurity in title insurance

Title agencies are no strangers to handling large amounts of sensitive and personal information, as collecting and transmitting data is key to any successful real estate transaction. However, it can be challenging to know which aspect of your security to focus on, especially with so much information out there about threats, breaches, and solutions. Cutting through this noise requires a careful strategy that aligns with your agency’s specific needs, goals, and risks. For title agencies, this means focusing on solutions that protect sensitive client information, prevent wire fraud and ensure compliance. Let’s dive deeper into how you can ensure you achieve each of these priorities.

Investing in data protection

Achieving comprehensive data protection means examining and securing potential attack vectors. Let’s take email as an example. Email is one of the top ways in which cyber criminals exploit a business’s defenses and breach critical systems, especially in the real estate industry. Techniques like multi-factor authentication, encryption, mail filters and domain-based message authentication are all non-negotiable if you want to keep your people and agency safe. But that’s just the tip of the iceberg. One of the main ways that attackers harm businesses is through human error, which means that any technology solutions you implement must also be paired with security awareness training. These programs are invaluable for training team members on how they can spot suspicious or dangerous email activity and take action to keep systems and data safe.

Protect against wire fraud

Easily one of the most well-known cyberthreats to title agencies is the scourge of wire fraud. Fraudsters frequently target transactions by intercepting wire instructions and diverting funds into their accounts, often with devastating consequences for both title agents and consumers. While encrypted communication channels and stringent verification methods — such as multi-factor authentication and verbal confirmations — are critical to combating this threat, comprehensive verification solutions are equally essential. SecureMyTransaction, developed by Alliant National, is one such solution. It helps agents verify transaction participants and performs both bank account and business verifications. By integrating solutions like this alongside educating clients on best practices, you can significantly reduce the risk of human error and safeguard your transactions.

Don’t forget compliance

Closely connected to agency security is the issue of regulatory compliance. Agencies are subject to many industry standards and requirements. You must always be mindful of whether your cybersecurity strategies are in alignment with these obligations. Routine audits of your security practices and activities can provide greater visibility and ensure ongoing compliance, which is essential to avoiding fines. I can’t stress enough how important it is to be proactive rather than reactive with this aspect of your security. Your company’s very reputation hinges on it!

Stay safe during Cybersecurity Awareness Month and beyond

When October comes around each year, there is always a lot to look forward to. The weather is cooler, the air crisper. Jack-o’-lanterns begin showing up on doorsteps. And everywhere leaves are bursting into color. While digging into your cybersecurity strategy may not sound as fun, October’s Cybersecurity Awareness Month is a great moment to stop, reflect and recalibrate for a successful year ahead. By taking a hard look at how your agency is handling data protection, wire fraud and regulatory compliance, you can reduce your risk and move into the final stages of the year with greater confidence in your agency’s security. You may still have ghosts, goblins and even mischievous trick-or-treaters to deal with, but at the very least, you’ll know you’ve taken steps to keep cybercriminals at bay.

Cybersecurity & Infrastructure Security Agency Cybersecurity Awareness Month 2023 banner

Top 5 Cybersecurity Issues for Title Professionals

Today’s title professionals face ever-increasing cybersecurity threats, all of which can cause major disruption and economic loss. With October being Cybersecurity Awareness Month, now is the perfect time to review the latest trends affecting our industry and understand how to mitigate some of the top challenges.

I.  Wire fraud remains number one

Wire fraud continues to be the number one threat to title agents, their customers and the vitality of their business. According to the latest FBI reports, the average cost per wire fraud incident is nearly $200K, and the total number of incidents recorded this year will likely break records.

Take the following actions to derail some of the most common schemes, including phishing, business email compromise and social engineering:

  • Use multi-factor authentication (MFA) for system access.
  • Ensure the latest security patches are promptly installed. Read our tips on keeping programs updated consistently.
  • Consider upgrading your antivirus protection with endpoint detection and response (EDR), a dynamic tool that leverages AI technology to reinforce your security.

II. Watch out for fraudulent sellers

Seller theft, one of the most significant emerging threats, involves a scheme where the seller’s identity is falsified, leading to a bogus and fraudulent sale. There is no shortage of information online regarding real estate transactions, making it easy for thieves to obtain these details. Here are some of the best strategies for combating these fraudsters:

  • Use encryption to protect communications and all identifying information, including emails and data that is “at rest,” that is, data housed physically on a given computer storage device.
  • Verify and validate identification through available electronic tools.
  • Confirm and reconfirm throughout every step of the transaction. Slow down. Take time to verify.

To reduce fraudulent transactions and lower premiums, Alliant National has initiated a crime watch program, which incentivizes policy-issuing agents to detect and prevent illicit activity. Learn more about the program and get involved.

III. Privacy remains the focus

Ten states have now enacted comprehensive privacy laws. Six have passed laws this year alone, with Texas being just the latest to do so. All 50 states now have data breach reporting laws. Many statutes impose a significant daily fine for late notice or a private right of action for failure to comply and negligence.

What all these legislative moves imply is that privacy and sensitive data protection remains at the forefront of our industry. Title leaders must ask themselves if they are staying current on the latest technologies and techniques to guarantee end-to-end data protection, including:

  • Developing a written security plan and devoting the necessary time and resources to ensure employees are trained sufficiently. maintaining complete records is important as well.
  • Encrypting sensitive and non-public information, which is essential to protect against unauthorized access and breaches.
  • Knowing and abiding by your state-specific breach reporting requirements.

IV. Practice secured electronic document storage

Title agencies routinely deal with electronic documents that contain large quantities of sensitive information and which represent a highly attractive target for today’s criminals. In fact, according to recent research, “88% of organizations worldwide were experiencing spear-phishing attempts in 2019. And 68% of business leaders felt their cybersecurity risks were drastically increasing.”[i]

Here are some principles to help keep these bad actors at bay:

  • Ensure you are applying encryption to protect digitally stored documents.
  • Perform periodic backup and recovery tests to ensure the availability and integrity of stored records.
  • Maintain and test disaster recovery and business continuity plans.

V. Adhere to all regulations

Regulatory compliance requirements have increased and will continue to evolve to address shifting cybersecurity and consumer privacy issues. Stay abreast of some of the most pressing changes to the landscape:

  • The current patchwork of complex state privacy and data breach laws is expected to continue growing without any expected federal legislation.
  • The Gramm-Leach-Bliley Act (GLBA) has been updated for the first time since the early-aughts to address data security and privacy. Modifications to the law’s security safeguard rules are going into effect in June 2023 and will be enforced by the Federal Trade Commission.
  • The National Association of Insurance Commissioners (NAIC) has released a draft of proposed 2023 privacy protection requirements modeled after the California Consumer Privacy Act (CCPA) and the New York State Department of Financial Services (NYDFS).

Taking action can keep you safe

Wire fraud. Seller falsification. Regulatory compliance. It seems like every day there is a new thing for the busy title agent to worry about. Staying apprised of the latest news and best practices, however, can help, as can seeking out the expertise of an experienced technology provider. Taking these steps, along with carrying comprehensive insurance for cybercrime and liability, can reinforce your security posture for maximum protection.

For more tips on building a safe and secure title operation, check out our other blogs focusing on IT.


[i] 2020 State of the Phish: An in-depth look at user awareness, vulnerability and resilience (proofpoint.com)

Let's Connect

Discover more stories and conversations on our social media networks,
or drop us a line on our contact page.


The Independent Underwriter for
the Independent AgentSM