During the 16th annual National Settlement Services Summit (NS3), slated for Sept. 1-3, attendees will have the opportunity to attend a track focused on cybersecurity. This is one of three tracks featured at the show.
The Cybersecurity Track is sponsored by Anderson Biro.
NS3 has a long history of facilitating cybersecurity and data privacy discussions and education. In 2012, Chris Gulotta, founder, the Gulotta Grabiner Law Group PLLC and Real Estate Data Shield (REDS), and Professor Paul Swartz presented on data privacy laws and compliance, specifically safeguarding nonpublic information. That discussion has evolved into a whole track focused on cybersecurity issues at NS3 this year and jump-started the privacy and cybersecurity discussion generally in the industry.
On Sept. 1, attendees may attend “Staying Cybersafe with the FTC,” in which Jarad Brown, an attorney in the Federal Trade Commission’s Division of Privacy and Identity Protection will share insights on monitoring service providers, using cloud security and how the FTC’s oversight has changed in 2020.
Later that day, Darren Abernethy, of counsel, Greenburg Traurig LLP, and Sasha Leonhardt, counsel, Buckly, LLP, will speak on recent federal and state laws around consumer protection in “Privacy Laws Clarified.”
On Sept. 2, Bruce Phillips, senior vice president and chief information security officer, west, a Williston Financial Group Company and Lance Kim, Special Agent, FBI Los Angeles Field Office High-Tech Transnational Organized Crime Squad, will discuss what cyberattacks look like and how cybercriminals succeed.
“Cybersecurity has always been critical in settlement services,” Phillips said. “This year with the start of the COVID-19 pandemic, cybercriminals have stepped up their game. We have seen a massive increase in attempts to redirect funds using fraudulent wire instructions. Now more than ever, understanding the tools and techniques cybercriminals are using against you is imperative.
“During this session, you will learn some of the tools and techniques that cybercriminals use in their attempts to redirect settlement funds, steal credentials for your network and bank accounts, and get ransomware on your computer to extort funds from you,” he continued. “At the end of this session, you should be able to identify suspicious activity that could lead to a cyberattack, and what to do when one occurs.”
During ”Preventing Wire Fraud,” Chris Gulotta, founder, the Gulotta Grabiner Law Group PLLC and Real Estate Data Shield (REDS) and Regina Lowrie, president and chief executive officer, Dytrix, will discuss how to protect your company and your transactions from being attacked by cybercriminals.
Gulotta said that the sophistication of fraudsters has improved exponentially. No longer are they sending grammatically incorrect emails using non-real estate terminology in an effort to trick someone into wiring money to a wrong account. Their social engineering tactics have evolved, making it harder for a company to detect.
“What we want to do is, on the awareness side, emphasize how over the last few years – and specifically in 2020 with increased remote access – how the risks to our industry are rising exponentially and how they need to be addressed,” Gulotta said. “That is the foundation for our discussion.
“The second part of our discussion is what are the practical steps and best practices that industry stakeholders should take to prepare for, and hopefully minimize their risk and potentially thwart those exponentially increasing risk vectors,” he continued.
Later, Aaron Davis, Florida Agency Network CEO; Maureen Pfaff, president and CEO, Olympic Peninsula Title Co.; and Jacques Waguespack, partner, Partners Title, will share their experiences surviving and thriving after a cyberattack in “Cybersecurity in Real Life.”
“Cybersecurity should always be an agents first priority,” Davis said. We are handling arguably the most sensitive data for our clients on a day to day basis. Drivers licenses, Social Security numbers, bank account information, and all other financial information needed to steal and falsify a client’s identity. Mix that with escrow accounts with millions of dollars, and constant movement of funds via wire, ACH, and checks makes for the perfect storm. Now add in this year’s complication of a pandemic, shifting our workforce to virtual and work from home, our focus on cybersecurity health and best practices have never been as important as they are right now.
“I hope to share our story of a large wire loss years ago, share the steps we put in place after, newfound opportunities, and deep dive into the pieces of the story you don’t typically hear about,” he continued. “I hope by sharing our experience it will give others confidence to share their stories as well, so that in a more unified voice we can have a more meaningful conversation with our regulators, the banks, and parties to the transaction as to how to best and more efficiently operate in today’s environment.”
On Sept. 3, attendees will learn steps to take to minimize the impact of a breach and how to move forward afterward in “Cyberattacked. Now What?” Matthew Froning, founder and CEO, Security Assurance Facilitation Experts LLC and Shelly Mannebach, Florida business development manager, Investors Title, will be leading this discussion.
“The incidents of cybersecurity breaches in companies have steadily grown in 2020, especially since many more employees are working remotely,” Mannebach said. “It is not a question anymore of ‘If’ a cyberattack will happen to your company but ‘When’ it will happen and how bad will it be? Many large companies have resources to outsource cybersecurity solutions and prepare their employees/company for a security breach. However, many small to mid-size companies do not, which makes them extremely vulnerable to an attack. It is important for a company in today’s business world to know the steps to take when a cybersecurity breach happens to them.
“We will be covering what steps in a Recovery Response Plan to take if your company has been compromised, what to know about cyberinsurance, who should be on your internal recovery response team and how to complete a plan/process assessment to implement next best steps to avoid the same breach occurring in the future,” she said.
For more information on the 2020 NS3, including the agenda and a list of speakers, click here. You can register for NS3 online or click here to get information on how to register via mail, fax or phone.