For estate and letting agents, ‘security’ is often associated with locks, bolts and burglar alarms to protect against theft and physical damage to properties.
But it is important for estate and letting agents to ensure that their cybercrime security is just as watertight – with an increased reliance on technology providing cyber criminals with a new means to attack businesses in the sector with greater frequency.
Almost 40% of UK businesses experienced a cyber-attack in 2020, according to the Department for Digital, Culture, Media and Sport’s Cyber Security Breaches Survey.
Financial losses suffered following cyber incidents can be significant, especially where ransomware is involved. The average cost of an attack to smaller businesses in 2020 was £8,460, increasing to £13,400 for mid to large corporates.
Under GDPR regulations, businesses can also be fined up to €20 million or 4% of their turnover (whichever is the higher figure) in the event of customers’ personal identifiable information being lost, stolen, or leaked.
Also, companies are likely to experience substantial downtime between an incident occurring and its resolution, affecting the ability to operate, and the incident could also have a significant effect on client confidence and brand reputation.
There are a number of factors which make estate and letting agents a prime target for cyber-criminals.
Agents hold a significant amount of sensitive data – including client addresses, personal information and account details, which could be stolen to carry out identity theft. And the large volume of data available makes agents vulnerable to ransomware attacks.
These attacks involve hackers breaking into networks of organisations and installing malware that prevents users from accessing their computers or the data that is stored on it, before demanding a ransom.
Some criminals also threaten to release sensitive data stolen from the network during the attack if the ransom is not paid.
Although best cybersecurity practices are important – such as ensuring employees have strong passwords in place, conducting regular systems and software updates, and turning on multiple-factor authentication –agents are leaving themselves exposed to financial and reputational damage if they don’t also consider having specialist cyber insurance in place.
As cyber risk exposures are constantly evolving and can vary greatly from one organisation to the next, a specialist insurance broker can help to assess the specific risks faced by the business, identify any gaps in the current cybersecurity setup, and then determine what type of cover is appropriate.
Though insurance cannot protect an estate or letting agent from cyber-crime completely, it can help the business recover should its data or electronic systems be lost, damaged, stolen or corrupted – responding to the immediate impact of an attack by working to quickly restore network systems and data, while seeking to minimise business interruption, including covering loss of income during any periods of disruption.
A range of support measures are also included such as help with developing cyber risk management procedures, and access to breach response teams, legal advice and forensic IT consultants in the event of an attack.
With cyber criminals constantly finding new ways to hack into businesses, there isn’t a one size fits all approach to cyber risk management.
Never has it been more important for estate and letting agents to adopt a multi-layered approach to cyber security – including having comprehensive insurance cover in place, ensuring software is up-to-date, and implementing employee awareness training, which can even be provided as part of an insurance policy – which will stand them in good stead to cope with any potential attacks.”
Natasha Barrow, is Account Director at Gallagher, Propertymark’s approved insurance supplier.