In today’s world of digital transformation — with data proliferating, transactions moving online and the Internet of Things connecting everyone with everything — cybercrime is one of the biggest threats facing nearly all organizations. Those engaged in commercial real estate are no exception, yet many are alarmingly unprepared.

Although, to date, the commercial real estate industry has not been a primary target for cyberattacks, it is not immune. In September 2014, a publicly traded REIT that specializes in West Coast multifamily residential properties reported a cyber intrusion on its computer networks that contained personal and proprietary information. The breach actually occurred before April of that year, with evidence some systems had been compromised as far back as August 2013 — almost a year before the problem was reported.

The fallout was significant.

In fourth quarter 2014, the REIT recorded $2.8 million in attack-related expenses, including co