Procure IT Improves Security Risk for Real Estate Firm After $1M Loss

One of the country’s largest commercial real estate companies turned to Procure IT for help after losing more than $1 million in a cybersecurity attack. Procure IT helped the company to shore up its s

Written by
Brian Leonard
Published
February 6, 2024

Procure IT Improves Security Risk for Real Estate Firm After $1M Loss

One of the country’s largest commercial real estate companies turned to Procure IT for help after losing more than $1 million in a cybersecurity attack. Procure IT helped the company to shore up its security risk posture.

Client Profile

This multibillion national commercial real estate firm operates in more than 12 major U.S. markets with divisions focused on the office, industry, retail and data center segments. The company employs more than 1,000  professionals who offer leasing, property management, tenant and landlord representation, investment management and sales, development, construction management, workplace strategies and more.

Challenge

The real estate company fell victim to wire transfer fraud following a business email compromise (BEC) of one of their clients. The hacker inspected the user’s inbox and inserted themselves into an email conversation using a lookalike domain. Before discovering the ruse, the real estate company made several payments to the cybercriminal totaling more than $1 million. The company needed to review its security processes and solutions to protect against similar fraud in the future.

Engagement

Through a third party, the real estate company connected with Procure IT Managing Partner Dylan Bouterse, who introduced Procure IT’s consultative technology procurement model, which includes IT and security services.

Discovery

The Procure IT security team discovered:

•The organization relied on built-in Microsoft security protection.

•The IT team was experienced and diligent and had invested in best practices, but the malicious party found a gap.

•The finance department had intentional processes for data validation, but it was contained in Word documents and spreadsheets, so it could not be policed or enforced, allowing for human error.

“We didn’t find any negligence, but a lack of communication and accountability between departments, which is common as companies grow in size,” said Bouterse. “It’s critical for IT and finance to work together to reduce risk.”

The real estate firm engaged Procure IT to help them identify tools to close the gap and mitigate future security risks.

Solution

Procure IT recommended – and the client agreed to implement – a multilayered approach, including:

•Next-gen email security with AI-powered filtering technology and natural language processing to inspect the context of communications.

•A rules-based software platform that ensures processes and procedures are followed for every wire transaction and performs risk analysis on each transaction based on its data points.

“What we’re doing is more than only mitigating the risk in wire transfers,” said Bouterse. “We  also implemented increased scrutiny on business email threats like ransomware, phishing, whaling, misdirected emails, and business email compromise that are at the heart of most breaches.”

Procure IT’s consultants assisted the real estate company with sourcing vendors, pricing, terms and contract negotiations. For example, they vetted 15 integrated cloud email security (ICES) providers before bringing a short list of best-fit vendors to the client for consideration. The project management team also represented the company throughout the implementation of both solutions to ensure that timelines were met.

“We’re focused on the success of the client and meeting their needs, not winning a deal for the supplier,” said Bouterse.

Results

“It’s often challenging for IT teams to justify a budget for risk mitigation tools,” said Bouterse. “How do you prove that you’ve mitigated a risk?”

With the AI-driven email security solution, we’re able to see statistics that prove that phishing, malware  and business email compromise have been identified and blocked. The email security solution also establishes a per-user risk calculation based on intrinsic risk, inbound/outbound email telemetry, open-source intelligence (OSI) and data from the security awareness training platform. It also has programmatic elements that help educate employees about what they should look for to identify social engineering attempts, like phishing and first-time senders.

The wire fraud prevention platform provides a risk score for every wire transaction and also codified the wire transfer processes with checks and balances that cannot be circumvented, giving the real estate company confidence that its security posture is high.

Company News

The IT procurement platform that saves you money & pays for itself

Optimize IT spend

Similiar posts

No items found.
No items found.

Tried. Tested. Trusted.

HQ - Texas (214) 637-4900
400 N Ervay St #132940
SMB#56241
Dallas, TX, 75313

Florida (321) 710-9648
522 S Hunt Club Blvd. #127
Apopka, FL, 32703

Team Solutions
Administration
Board
Executive
Finance Professionals
Head of Department
Security
Supply chain
Use Case Solutions
CCaaS
Cloud Backup
Compliance
Connectivity
Data Centers
Disaster Recovery
Expense Management
Google Workspace
IT Lifecycle Management
IT Recruiting
Labor Solutions
Managed Services
Microsoft 365
Microsoft 365
Mobility
Private Cloud
Professional Services
Public Cloud
SASE
SDWAN
Security
UCaaS
Virtual Desktop
Verticals
Automotive
Education
Federal
Finance
Healthcare
Hospitality
Logistics
Manufacturing
Non Profit
Real Estate
Retail
Software
State and Local
Procure More
About Us
Customers
Careers
Blog

Copyright ©2023 Procure IT

Terms of ServiceCookies