The minimum bar should be to run a background check on
everyone with access to investor and project information
working in your circle.
CYBERINSURANCE HAS BECOME A
NECESSITY
Cyberinsurance might have seemed like a ridiculous waste of
money just a few years ago, but now it is an absolute necessity
as part of your continuity of operations plan. What would happen
to your business while you are defending your company against
claims from a cyberattack?
Most EB-5 regional centers wouldn’t survive, costing investors
their funds and green cards. Travel is an important part of the
EB-5 business model, during which time data is perhaps most
vulnerable. You’ve heard stories about government laptops
that were stolen and contained millions of people’s personal
information, which means the entire database was replicated on
that device.
Most people have stopped doing that, but it is very dangerous to
have that much data concentrated within an unsecured device.
You log in to your office technology over public Wi-Fi or the free
Wi-Fi provided by the vendors you patronize, often not realizing
that your information could be captured for use by cybercriminals
who pay to machine read your transmission, searching for ways
to steal your data.
This is just another day at the office for them. Using your mobile
device as a hotspot is convenient, but it makes that hotspot a
vulnerability. Be certain that all your people have more than just
simple virus protection on their laptops and mobile devices. Each
unprotected device is an open door for cybercriminals.
Regional centers are financial institutions that, in many
cases, handle transactions totaling hundreds of millions in
foreign investor funds, combined with at least that much in
domestic money. Cyberthreats are a real and present risk to the
investments and reputations of investors, regional center owners
and project owners. While some regional centers conduct
impressive self-imposed security procedures, unfortunately,
many of these exposures are not understood and therefore
overlooked or ignored by far too many. Expect integrity measures
to include provisions for ensuring the security of investor
information in the future. Be prepared and do a sel