Page 23 - RC2020-EDGEMagazine_SummerEdition
P. 23
CRE executives now identify cybersecurity compromises
as a critical enterprise-wide risk, alongside traditional
liabilities like loss of tenants, underperforming assets,
and operational inefficiencies.
particularly true of devices and apps that are being
rushed to market to help combat COVID-19.
The result? Skyrocketing risks to unsecured devices, data,
networks, and privacy—both those of CRE companies and
their downstream business partners and consumers. It’s
no wonder, then, that forward-thinking CRE executives
now identify cybersecurity compromises as a critical
enterprise-wide risk, alongside traditional liabilities like
loss of tenants, underperforming assets, and operational
inefficiencies.
It is a risk that carries potentially disastrous
repercussions. The most common cyber attacks on
CRE companies include business email compromise,
ransomware, cloud computing hacks, and takedowns of
infrastructure like building-management systems and
IoT devices. While the impacts are primarily financial
and operational, a highly public data compromise can Residential buildings may also be required to monitor
also severely damage corporate reputations and erode human temperatures and track locations. If an individual
tenant and occupant trust. Today’s consumers are more tests positive for coronavirus, for example, building
aware of data-collection and sharing practices, and owners may be required to analyze and correlate
often perceive privacy violations as a breach of trust and information to recommend quarantine to those recently in
ethics—and a reason to reconsider their relationship with contact with the infected person.
the business.
Building owners should also understand the relationship
The Impact of COVID-19 between data privacy and ethics, which are essential to
In addition to evolving cyberthreats, building owners maintaining trust among customers and business partners.
are facing new data-privacy challenges arising from Good ethical policies dictate that organizations communicate,
COVID-19. Many CRE firms are implementing tools in plain English, what personal data is being collected, stored,
and processes designed to create a safe, healthy work and shared, and for what specific purposes. When monitoring
environment and monitor the wellbeing of the workforce. individuals, organizations will need to carefully balance the
ethical use of personal data and requirements imposed by
Some building owners, for instance, are deploying radar governments related to national health.
sensors to monitor the temperatures of employees to
facilitate reopening of buildings and to anticipate possible As noted, these types of new solutions will produce
mandates to share health data with government agencies more personal information about tenants, visitors, and
like the Centers for Disease Control and Prevention employees that must be managed and protected. Doing
(CDC). Protected health information (PHI) represents a so will require updated data management and ethical
significant risk because it is highly personal and regulated privacy processes to safeguard collection and sharing of
by the Health Information Privacy and Portability Act personal information.
(HIPPA). Similarly, building owners or tenants that use
new tools like contact tracing or location apps will need The Primacy of Privacy
to take great care in safeguarding any personal data that Beyond rising cyberattack risks and new vulnerabilities
is produced. introduced by COVID-19, CRE companies face increased
21
