We make the connected world the protected world – rapidly, discretely.
Practice Group Leader: Timothy J. Pastore
For centuries, protecting real estate assets meant little more than providing for adequate physical security. Lock your doors, put up a fence (or a moat), shine some lights (or a torch), hire a guard (or an army).
Things are a little more complicated today.
In an increasingly connected and data driven universe, cybersecurity now poses equal, if not greater, risk to real estate assets than does physically securing real property.
Building management systems - lighting, access control, heating and air-conditioning systems - are now all subject to cyberattack.
Real estate closings – historically done in person – are now generally done by email and subject to phishing scams.
Record keeping of sensitive personal and corporate data – previously done on paper – is now predominantly done electronically and subject to breach.
The movement of money – previously by check or cash – is now ubiquitously done by wire transfer or even cryptocurrency, and subject to diversion or fraud.
In a changing world, one thing remains constant. Criminals do bad things.
Property managers, institutional investors, funds, lenders, borrowers, developers, brokers/agents, appraisers, multiservice real estate firms and others hold significant amounts of confidential third-party information in vast, tangled electronic communications systems and networks. This may include personally identifiable information (social security numbers, addresses, etc.) and/or confidential corporate information (tenant lists, financial models, appraisals, banking records, etc.) - all the type of information cybercriminals target.
Hackers are diverting funds with stolen wiring instructions, gathering and trading on information about pending real estate transactions, seizing electronic building controls, and duping untrained and unsuspecting employees to gain access to highly sensitive financial and personal data used in sophisticated real estate transactions.
Any real estate player saving confidential information about employees, customers, clients, or third-parties must assure confidentiality and security. Real estate companies that use, collect, process or store identifiable information face potential liability from emerging privacy laws in the US and abroad. In addition to common law principles, there is an increasingly complex and varied array of state, federal and international privacy laws which must be navigated and understood.
As the Pure Play in Real Estate Law®, Duval & Stachenfeld LLP is uniquely positioned to provide our commercial real estate clients with innovative structures, processes, and policies to enable them to comply with these increasingly complex (and often conflicting) regulatory environments.
This where D&S’s Real Estate Cybersecurity Practice Group can help.
Led by partner Timothy J. Pastore (a/k/a, Captain Tim) – accompanied by real estate partner Elsa Ben-Shimon – and our Chief Technology Officer, Maria Aksentyan – the Real Estate Cybersecurity Practice Group is here to advise and protect our real estate clients against the perils of the cyberworld.
Captain Tim is a former U.S. Air Force JAG and federal prosecutor – and a perennial Super Lawyer.
Notably, he represents some of the largest companies in the world on various security matters, including Comcast, Charter, Time Warner Cable, Cox, Altice, Mediacom, Brighthouse, Protection One and others. He also represents developers, institutional investors, special servicers and others in the commercial real estate world. This blend of experience uniquely positions Tim to help our commercial real estate clients in this complicated, confusing and scary area.
Among other topics, Tim has lectured on:
- The Evolving Cyber Threat for Connected Devices and Cloud-based Services
- The Evolving Cybersecurity Legal Landscape
- Department of Homeland Security’s Framework and Principles for IoT Devices
Since cybersecurity has particular concerns for the real estate world, Tim has teamed himself with Elsa Ben-Shimon, who is a partner in our real estate group. In this capacity, Elsa has handled hundreds of real estate deals. In addition, Elsa is the leader of our Firm’s efforts with real estate technology companies, many of which are transforming and disrupting the real estate industry.
And of course no cybersecurity team would be complete without a star-quality “techie”. Our Chief Technology Officer, Maria Aksentyan, has protected us from many years for all manner of worms, bugs, viruses and other invaders. Among other programs, Maria routinely drills her troops – i.e. our law firm – with tricks and traps to catch us falling for scams of all nature. Nothing is more embarrassing than being caught by Maria’s trickery and, as a result, we are all on consistent high alert.
The services offered by the Real Estate Cybersecurity Practice Group include:
Managing communications with appropriate regulatory authorities
Preparation and development of and guidance on privacy policies, data retention protocols, data protection memoranda, and privacy impact assessments.
Ongoing GDPR compliance.
Advising on cybercrime and data breach insurance policies and claims.
Cybercrime incident preparedness, response, breach notifications, and related internal and external investigations.
Reviewing and analyzing customer and vendor agreements.
International data protection compliance programs and audits, and responses to government compliance reviews.
Disclosure of data to law enforcement authorities.
On site staff training and application of internal security protocols.
Managing and defending litigation stemming from data breaches, including class actions, shareholder derivative actions, securities fraud cases and regulatory enforcement actions.
At D&S, we know the real estate world, we know the connected world, and we know how to protect both.
The biographies of the partners in the Real Estate Cybersecurity Practice Group are as follows: