By Alexander J. Narcise and Robert Risk

The real estate world has become increasingly exposed to cyber-attacks given the increase in the amount of multi-family properties that have been developed over the last few years. Developers who were never before in the multi-family market are now collecting personal data from thousands of individuals. Even commercial properties possess very private tenant financial information that could cause harm if penetrated, and regular insurance alone does not cover a loss from cyber-attacks. In addition to the private third-party information that real estate owners withhold, they also are exposed to many phishing schemes from hackers, designed to scam people out of money. In the past, hackers needed to have a good understanding of technology in order to create a cyber-attack; However, those days are gone, as technology has evolved.

As cyber risk outbreaks continue to multiply, failing to protect an organizations’ valuable information is no longer an option; It is important that real estate owners are aware of this rising issue and allocate the proper resources to provide their organizations’ with superior network defense.

Centering on the real estate sector, with systems such as fire alarms, sprinkler systems, elevators, computers, and lighting, it’s not arduous to envision a hacker manipulating any one of these operations. Remotely-accessible control systems spawn an immense amount of exposure in several income-producing real estate sectors including commercial office, corporate office, campus, retail, leased residential and industrial.

To properly defend your investments, you should consult with a firm that specializes in cybersecurity and provides a no obligation consultation. Some items to keep in mind as you aim to protect your organization are as follows:

Shield your assets

Before you begin the cybersecurity process, you must identify which specific resources you need to safeguard. To conclude what high-tech protection is best suited for your business, it is crucial to evaluate which components require the most fortification.

Be aware of owner liability

Security is no longer exclusively a physical concern. As technology augments and evolves, your company will be exposed to internal and external dangers. Systems that control tenant information, air conditioning, door locks, and lighting, are vulnerable to all types of technological hacking. Thus, by remaining conscious of these threats and acting to shelter those appliances, your information can be sealed from any encroaching danger.

Watch out for phishing schemes and safeguard passwords

Employees who are handling financials are being exposed by hackers who pretend to be the owner, using emails that look real in an attempt to direct employees to wire money to fraudulent accounts. Under no circumstances should an employee send money unless they speak with the requestor directly. A phone call will serve as an added layer of protection that could save the organization money and headaches. Additionally, as an extra precaution, passwords to files should never be sent over email, but rather a text to the recipient.

Have procedures in place for the upkeep and erasure of private records

Data kept in reports, leases, and rental contracts can be fiercely targeted by cybercriminals. Hence, having measures set for any brand of destruction on your company’s confidential archives will guarantee that such information is kept for however long is reasonably required, then erased when needed. This vital practice can be completed through software that can delete material from hard drives and halts hackers from reviving any deleted information.

If outsourcing to a third party, it must be properly governed

While real estate firms consider outsourcing data storage, the utilization of a third-party must to be correctly supervised by inserting prescribed accountability such as communicating any technological issues to the service provider. In the not too distant future, technologies like Blockchain a distributed database that contains a flourishing record of data shielded from any intrusion, will preserve this practice and act as an efficient third-party verification facilities for real estate companies.

Once you have selected your Cybersecurity strategies and tools, it is recommended that you hire a third party to test the strength of those tools annually through Vulnerability or Penetration Testing. Forthcoming legislation will magnify the emphasis of cybersecurity towards modern organizations to swiftly and suitably tackle these vulnerabilities habitually omitted in years prior. The union of physical and technical defense can safeguard industries contained within today’s progressive and interconnected domain, allowing companies to pivot their attention to their clients and daily business functions.

Alex Narcise, CPA is the Partner in Charge of the Real Estate Accounting and Construction Services Group, specializing in all areas of accounting, audit and tax for family owned real estate businesses. Reach him at or 973.994.9400.

Robert Risk is Director of Technical Advisory Services at Wiss & Company where he aids businesses with strategic decisions, system implementations and aligning Information Technology with organizational goals, enabling immediate savings with long term profitable growth. Reach him at or 973.994.9400.


Reach out to a Wiss team member for more information or assistance.

Contact Us