22 Jul ALTA Responds to Our Advocating for a Safer Title Insurance Industry
Thank you very much for reaching out to welcome Diane and for your continuing support of ALTA programs. We are delighted to count you among our vendor partners and hope the opportunities we can provide to connect you with ALTA members work for your business objectives now and in the future.
I see that Cloudstar has a listing in the ALTA Marketplace (https://www.alta.org/marketplace/profile.cfm?id=1114375) but I wonder if you’ve considered becoming an Elite Provider. With so many free services providing phishing tools, that could be another way to distinguish Cloudstar and MortgagePhish and elevate your visibility in the title industry. Just a thought!
We’re definitely here to help so please reach out any time I can be of service.
Kelly Lyn Romeo, CAE
Vice President | American Land Title Association
Executive Director | ALTA’s Land Title Institute
From: Diane Tomb <[email protected]>
Sent: Thursday, July 18, 2019 11:44 AM
To: Roland DuBeau <[email protected]>
Cc: Kelly Romeo <[email protected]>
Subject: RE: Combating Cybercrime in the Title Industry
Roland-Thank you so much for reaching out and your continued support of ALTA. I look forward to meeting you in person at ALTA One in Austin this year. I have cc’d Kelly Romeo who is our expert in this area and can serve as your point of contact on phishing issues in our industry.
Look forward to working with you to address these issues on behalf of the industry.
Diane L. Tomb
American Land Title Association
1800 M St. NW, Suite 300S
Washington, DC 20036
Ph: (202) 296-3671 / (800) 787-ALTA (2582) (ext. 218)
Fax: (202) 223-5843 / (888) FAX-ALTA (329-2582)
Stay connected with ALTA on Facebook, LinkedIn
I hope this email finds you well. First off, congratulations on your new role. Heading up an industry trade organization is no easy task, especially with the present cybercrime environment in our industry. Let me tell you, we are fighting the same fight daily. As an ALTA member organization, we are thrilled to see you shouting from the mountain top the dire need to take action regarding cybersecurity within our industry.
As you know, your own research shows that 75% of Agents do not conduct phishing tests. Current information security industry statistics indicate that 90% of compromises start with a phishing email. It’s a sobering reality, without a remedy in sight.
Without rambling on anymore about what you already know, let me introduce myself and Cloudstar. Cloudstar is a Cloud Computing Services company based out of Jacksonville, FL whose focus has always been on the Settlements Industry. We provide services to over 1200 Agents and email services to roughly 35000. Personally, I’m new to the organization, but am a long-time information technology executive with a focus on information security.
In January of this year, I was chartered to develop, design and implement a branded solution to help combat the above statistics. Our solution, MortgagePhish, is available today. Our platform is a complete managed security awareness solution for phishing simulation testing and training through continued engagement and gamification. Unlike other non-industry specific solutions, we focus on real-world settlement workflow simulation. We also provide a mechanism to test an organization’s infrastructure against multiple attack scenarios analogous to ransomware, social engineering, and of course wire fraud. Unfortunately, wire-fraud is the only headline getting publicity. The daily number of compromised systems and users that go unreported is staggering. Furthermore, the number of compromised users that are unaware and waiting to be exploited is unknown.
Unfortunately, our industry is under attack. We know MortagePhish isn’t the entire answer to the problem, and neither is technology. Case in point; within our solution, we have the capability today with AI to analyze, triage, risk score and quarantine suspicious emails in real-time. These advanced technology enhancements cost money, probably more than your average small title company is willing to spend. Limited operating budgets are a common theme with any small business.
We certainly understand the dilemma, as we witnessed Dodd-Frank and the slow adoption of email encryption. It took us years to convince title companies it is was required and they needed to pay for it. The ultimate question is: Are small vulnerable organizations willing to spend $10/mo per user to protect themselves? Our marketing studies and experience tell us it’s the #1 challenge, closely followed by their lack of IT maturity. As you can see, it’s the perfect storm.
Ideally we would love to see lenders & underwriters subsidize the costs, but we haven’t had any takers thus far. For Cloudstar, security awareness training is required as part of our annual AICPA SOC-2 compliance audit. We have the security controls, processes, policies, and accountability to protect our clients; to us it is the cost of doing business.
Security awareness policies and best practices must be implemented into these organizations if we want to see any noticeable impact. Like many employee policies, it has to be measurable and enforceable and the stakeholders must be held accountable. We are a company with a solution that can help, and we need to move mountains collectively to see change.
Diane, the intent of this email is not an endorsement attempt or a sales pitch, but only intended to open a line of communication and collaboration. We welcome any feedback you may have or advice you can provide. We are sponsoring and will be attending ALTA One in Austin, and hope for the opportunity to meet in person. In the meantime, below are a couple of MortgagePhish links you can reference.
1.800.340.5780 – ext 1039
1.866.224.9075 – fax
“Cloudstar Simple, Cloudstar Smart! ™“
Schedule a meeting with me. https://meetings.hubspot.com/rdubeau
NOTE: Technical Support requests should be directed to [email protected]