Cyber-security is a hot topic within the property industry – for practitioner firms, financial institutions and consumers alike.
Residential dwellings represent Australia’s largest asset class, worth $7.1 trillion, which makes it an understandably attractive target for criminals and fraudsters.
However, while the sector continues to upscale its cyber-awareness, there remains grey areas in this space.
Speaking at PEXA’s PropertyX Connect series event in Adelaide, Mike Barber, CEO of the Australian Cyber Collaboration Centre (A3C) sought to shed light on common misconceptions within the community.
MYTH: Only certain businesses are vulnerable to cyber-attacks.
TRUTH: Any business with sensitive information can be targeted.
“The threat exists for all businesses and industries – big and small. Data is one of the most important assets for any organisation and it’s not a matter of if you’ll be targeted – it’s when.
“This includes small businesses as well and is particularly applicable to those working in property,” Barber said.
He recommends evaluating the processes and infrastructure you have in place to protect your customer’s information.
MYTH: Anti-virus and anti-malware software keep you completely safe.
TRUTH: Software alone can’t protect against all cyber risks.
“There’s a misconception that antivirus and antimalware software will safeguard you on its own – this isn’t true – protection is also about the security of your hardware,” Barber said.
Older software tends to be more vulnerable to attack, which is why most IT companies and cybersecurity organisations recommend using the latest operating system available for your device.
MYTH: All cyber threats originate from outside your business.
TRUTH: What happens within your organisation is just as important.
Insider threats include employees accidentally clicking on a malicious link, downloading a virus, opening an unsafe attachment or pre-existing password vulnerability.
“There’s research that says insider threats account for nearly 70% of most incidents in an organisation,” Barber said.
Remote workforces and increased mobility in more recent times have increased these threat levels.
He suggests zero-trust networks that ask for authentication upon logging into the network, as well as when logging into individual applications.
Research says up to 73% of online accounts are guarded by a duplicate password, with an average of eight passwords being used to guard up to 24 online accounts.
This creates a domino effect for hackers to take down multiple accounts by hacking into a single password.
Best practice in this domain includes using an app or website to manage a different password for each online account and never reusing or writing down passwords.
MYTH: Your IT department is solely responsible for cyber-security.
TRUTH: Everyone plays a role in keeping your organisation cyber safe.
“It’s not just the IT department’s responsibility, the onus is shared among all staff. It’s imperative to make sure cyber-security awareness is entrenched throughout every organisational level.
“Creating wholesale action and awareness around security risks can help form a culture that underpins your cyber-resilience,” Barber said.