Keeping information safe and secure is a challenging development for businesses of all sizes over the last few years, including public and affordable housing organizations. Expeditious shifts from in-person to online to hybrid workplaces forced companies to change, or at least reexamine, their cybersecurity practices and protocols, and far too often they weren’t prepared. 

October is Cybersecurity Awareness Month, now in its 19th year. So why should you—someone working in the housing industry—care about cybersecurity? Public and affordable organizations are being breached by cybercriminals with increasing frequency.

The staff at Denver Housing Authority (DHA) weren't blind to the possibility of a cyberattack.

In fact, staff had taken steps in 2021 to address the organization's cybersecurity vulnerabilities, said Jim DiPaolo, DHA's deputy CFO. But in September 2021, disaster struck—DHA was completely locked out of the files and systems it relies on due to a ransomware attack. 

"We had a fairly good business continuity plan," DiPaolo said during a June 2022 interview with HAI Group. "We were backing up our systems, and felt that we had a fairly strong [cybersecurity] program that wasn't going to be open to this type of threat."

The housing industry continues to be an attractive target for cybercriminals, who can do real damage to your agency in a matter of minutes. Fortunately, there are organizations like the Center for Internet Security (CIS), whose singular goal is to help you keep your IT systems and data secure.

Even the best-prepared organization is vulnerable to cybercriminals seeking to hold data and systems hostage in exchange for payment. Ransomware attacks, as they’re known, impact every industry. Since 2016, the U.S. has experienced around 4,000 ransomware attacks daily.

Cybercriminals would like nothing more than to hold your housing organization’s system and sensitive data hostage.

Your organization's IT team, in-house or contracted, serves as one of its front-line defenses against cybercriminals. As cybersecurity attacks become more common in the affordable housing industry, there's no better time to evaluate your IT team's ability to:

We tend to fancy our passwords as undecipherable, but the data clearly shows otherwise: 60% of the breaches analyzed in Verizon’s 2021 Data Breach Investigation Report leveraged weak or stolen passwords. Cybercriminals aren’t just guessing our passwords; they’re making well-informed guesses. They can use several methods and tools to hack passwords, such as programs that record keystrokes, social engineering (e.g., phishing), and password dictionary databases with lists of the most commonly used password phrases.

It’s common to assume your general liability insurance policy covers cyber liability. The reality is that these policies are separate but equally important in today’s landscape. General liability coverage protects housing organizations from a wide range of exposures, including injuries and property damage, but isn’t designed to handle the nuance of cyber risk.

There’s a spine-chilling uptick in cyberattacks—the FBI received a record number of cyber-related complaints last year, with reported losses of over $4.1 billion. A housing organization might not seem like the most lucrative target for a hacker (compared to a billion-dollar private sector business), but criminals are opportunists.