Mortgage Industry Solutions

mortgage-house.jpeg

The mortgage industry faces significant risks in the cyber security space. The largest risk factor is the theft of personally identifiable information (PII). 

According to Scotsman Guide

Arguably, mortgage originators collect more personal data from their customers than most other players in the financial services sector. This makes them a desirable target for cyber attackers. Typical home-loan applications require mortgage originators to acquire the following from borrowers.

  • Tax returns and W-2 forms  
  • Driver licenses and other IDs 
  • Pay stubs 
  • Confidential credit-report information 
  • Recent bills 
  • Banking statements

The Hackers Perspective

The hacker’s perspective on the mortgage industry is that of a soft target with a high value treasure of personally identifiable information (PII). Furthermore, once the mortgage industry clients have their PII stolen you can never get it back: it’s sold and brokered on the dark web forever.

mortgage-servers-sm.jpeg

Adding further risk and liability to the mortgage industry are the following considerations:

  • Gramm–Leach–Bliley Act (GLBA). GLBA mandates the notification of the consumer that their information is irrevocably stolen.
  • Use of ransomware to extort money once your servers and data are encrypted.
  • Migration of PII to the cloud.
  • Prevalent use of self-service portals and unsecured mobile devices. 
  • The human element and social engineering facet to hacking and ransomware delivery.  

Optium Solutions - Detection and mitigation

The human element is a risk factor most mortgage industry organizations don’t consider. It would be relatively easy to use email as a vehicle for malicious links or attachments that allows ransomware or a bevy of other very costly attacks to encrypt your data for ransom or simply bring your business to a halt.

Optium Cyber Systems consulting practice can uncover these risk factors; helping to protect your client's personally identifiable information (PII) from ransomware, hacking, and social engineering attempts.  Click below to contact us an learn more about how we can reduce your business risk.