Retail, travel, and hospitality, and the financial services industries have been plagued with cyber attack incidents. In contrast, the CRE sector considers itself to be relatively less at risk from a potential cyber attack. This is because CRE firms typically maintain relatively less consumer personally identifiable information (PII) and valuable intellectual property (IP) directly on their own technology systems.
Ed Powers, national managing principal, Cyber Risk Services, Deloitte & Touche LLP says, “In the pace of today’s climate, organizations cannot afford to slow innovation simply because it cannot be perfectly secured. But addressing those risks through a program to become secure, vigilant, and resilient is an essential component in achieving strategic and business performance objectives.”
Bob O’Brien, U.S. and Global Deloitte Real Estate Leader, and Surabhi Sheth, Real Estate research leader with Deloitte Center for Financial Services, have joined forced to write the report, Evolving Cyber Risk In Commercial Real Estate – What You Don’t Know Can Hurt You.
CRE companies are stepping up their use of new technologies such as cloud, mobile, and social media to drive building occupant engagement and operational efficiency. In addition, they are implementing increasingly sophisticated technology solutions for building management. Some of the commonly used solutions of this type include systems to control heating, ventilation, and air conditioning (HVAC), lighting, and/or safety systems. In fact, the U.S. building management system (BMS) market is expected to grow 7% to 9% annually during the 2014–2017 period, reaching $2.2 billion in annual spending by 2017.1
The increased use of BMS and intelligent buildings is adding layers of complexity in the CRE business and changing owner-occupant dynamics. This requires companies to lose their false sense of security and make appropriate investments in cyber security. CRE companies will benefit from understanding and re-evaluating current security and privacy practices.
So is there cyber risk in real estate–yes, there is! And it’s becoming more clear, as CRE companies implement technology-driven innovation, they also need to implement appropriate security measures to prevent and mitigate cyber intrusions.
1 “U.S. Building Automation Market Primed for Growth,” Electrical Construction and Maintenance, January 17, 2014.