top of page

Cybersecurity and Data Privacy: Real Estate Capital Markets

Updated: May 10, 2022

On Friday, 25th of January, I attended for the third year the annual Real Estate Capital Markets (RECM) conference, a Goodwin Law and Columbia Business School sponsored panel discussions on real estate capital market topics.

The conference was kicked off by Tom Flexner, Vice Chairman of ICG and Citigroup Global Head of Real Estate, with his insights of the state of the U.S. and global real estate capital markets, REITs, and the private and IPO markets.

Following were executives Trish Barrigan, with Benson Elliot Capital; Ted Bigman, with Morgan Stanley; and Ann Cole, with J.P. Morgan, who gave their views on the flow of global capital for commercial real estate investments, the global economic outlook, and potential impacts to their organization’s investing decisions.

The consensus was that the markets would invest cautiously and be risk adverse in 2019 and we could potentially enter a U.S. and global recession starting in 12-18 months.

Next up at the RECM conference was the panel discussion titled: Innovation and Disruption: Investing in Tech to Drive Value, as the topic turned to technology.

Zach Aarons, co-founder and partner of New York’s MetaProp was the moderator and real estate venture capital firm executives, including Robert Entin, Vornado Realty Trust; John Helm, Real Estate Technology Ventures; Merritt Hummer, Bain Capital Ventures; and Kent Tarrach, Brookfield, discussed their firm’s focus of technology investments.  As for these executives and as I hear in most PropTech conferences, the customer experience and smart building technology are key initiatives.

Zach Aarons touched on cybersecurity and GDPR as it relates to the real estate markets, but that topic ended there.  I wanted to hear more as I mentioned to Zach after the conference.

In my review of market practices and internet searches, it shows how few articles have been written on the topic of cybersecurity as it relates to the real estate and finance markets or how these organization’s operations are vulnerable to cyber crimes.  Only recently have these organizations begun to address their cyber vulnerabilities.

The topic of cybersecurity and data privacy does get some notoriety, especially after Artificial Intelligence (AI) which seems to be the hot topic of the day as it relates to “Innovation and Disruption” and in recent years the topics of driverless cars and blockchain.

Even at Davos, according to Huw van Steenis, Senior Adviser to the Governor, Bank of England, says: “Artificial intelligence (AI) has replaced blockchain as the big conversation for executives, second only to US-China trade. There were 11 public sessions on AI, the most of any topic.”

I believe that commercial real estate and finance related firms are especially vulnerable to cyber attacks. Commercial real estate interfaces with so many others – investors, buyers, sellers, brokers, lenders, banks, title, escrow, and law firms – that knowing where the data comes from, how it is processed, and where it goes is critical to the security of the data.

Data today is considered a corporate resource.  The success of a company measures the utilization of its knowledge and information to gain traction over its competitors.  Processes and procedures need to be in place to protect this valuable corporate asset.  However, for example, the amount of data required for a real estate transaction or for managing an equity or debt asset has increased significantly.  Combined with the new requirements with the EU GDPR and other various U.S. state laws to protect personally identifiable information (PII) and the increase in the use of digitization, such as electronic documentation repositories and e-signature contracts, a “perfect storm” is created for cyber security breaches.

It is critical, I believe, that properly created, handled, and protected data offers a competitive advantage.

Cybersecurity and data privacy compliance will become even more of a hot topic at future real estate and finance related conferences in 2019 and beyond as the many data compliance laws that are recently and in the process of being enacted in the U.S., Canada, EU, and other countries are defined, refined and discussed.

Christine Baird is the CEO of Clarus Tech Partners, a New York and California based technology company, and with her team of IT, legal, cybersecurity, and compliance experts they advise and implement cybersecurity and data privacy compliance solutions. Read Christine Baird’s article about how to develop a cybersecurity program for your organization.



Commenting has been turned off.
bottom of page