Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
DEFINING CYBERSECURITY
THE IMPACT ON YOUR COMMERCIAL
REAL ESTATE PORTFOLIO
The global cybersecurity market is currently worth more than $107 billion in
2015 and is expected to surpass $170 billion ...
DEFINING CYBERSECURITY
The federal real estate market has experienced a significant decrease in demand in the
first half of this decade. Executiv...
The effects of the Initiatives, Acts and Orders
outlined above have already had an impact on
the DC Metro Commercial RE ma...
DEFINING CYBERSECURITY
A GLOSSARY
This glossary is a collection of commonly used cyber related terms. It is meant as a
primer for understanding basic indust...
A GLOSSARY: OFFENSIVE CYBERSECURITY
OFFENSIVE CYBER
ATTACK (CYBERATTACK) – An attempt to
gain unauthorized access to syste...
A GLOSSARY: OFFENSIVE CYBERSECURITY
OFFENSIVE CYBER
BOTNET – A collection of computers
compromised by malicious code and
c...
A GLOSSARY: OFFENSIVE CYBERSECURITY
OFFENSIVE CYBER
THEFT – The primary goal of hackers, cyber
related theft typically is ...
A GLOSSARY: OFFENSIVE CYBERSECURITY
DEFENSIVE CYBER
ANTISPYWARE SOFTWARE – A program
that specializes in detecting and blo...
A GLOSSARY: OFFENSIVE CYBERSECURITY
DEFENSIVE CYBER
DIGITAL FORENSICS – Gathering,
retaining, and analyzing system-related...
DEFINING CYBERSECURITY
THE INFRASTRUCTURE LANDSCAPE
THE INFRASTRUCTURE LANDSCAPE
With cybersecurity growing as a major concern for both the government and the private
sector,...
THE INFRASTRUCTURE LANDSCAPE
FARMS/FOOD
PROCESSING PLANTS
CABLE FIBER DELIVERY SERVICES
(E.G TRUCKS)
GOVERNMENT
FACILITIES...
THE INFRASTRUCTURE LANDSCAPE
CYBER INFRASTRUCTURE
INFORMATION
TECHNOLOGY
CONTROL
SYSTEMS
HARDWARESOFTWARE
INTERNET
THE INFRASTRUCTURE LANDSCAPE
FOOD &
AGRICULTURE
DAMS ENERGY
CRITICAL INFRASTRUCTURE
BANKING &
FINANCE
CHEMICAL COMMERCIAL
...
THE INFRASTRUCTURE LANDSCAPE
GOVERNMENT
FACILITIES
HELTHCARE &
PUBLIC HEALTH
CRITICAL INFRASTRUCTURE
NATIONAL MONUMENTS
& ...
DEFINING CYBERSECURITY
CYBERSECURITY THREATS
BY INDUSTRY
CYBERSECURITY THREATS BY INDUSTRY
With cybersecurity growing as a major concern for both the government and the private
se...
CYBERSECURITY THREATS BY INDUSTRY
BANKS
Denial-of-service, fraud, botnets
and web authentication attacks
US Secret Service...
CYBERSECURITY THREATS BY INDUSTRY
CREDIT CARD PROCESSORS
Denial-of-service, fraud, botnets
and web authentication attacks
...
CYBERSECURITY THREATS BY INDUSTRY
DEFENSE/INDUSTRIAL SECTOR
Zero-day hacks, remote access
and phishing
Department of Defen...
CYBERSECURITY THREATS BY INDUSTRY
HOSPITALITY
Point-of-sale compromise
(credit cards), open Wifi
and admin accounts
US Sec...
CYBERSECURITY THREATS BY INDUSTRY
HOSPITALITY
Phishing, zero-day attacks
and data breach
Federal Communications
Commission...
CYBERSECURITY THREATS BY INDUSTRY
RETAIL
Open Wifi, point-of-sale
compromise and data breach
Federal Bureau
of Investigati...
CYBERSECURITY THREATS BY INDUSTRY
SMALL & MEDIUM BUSINESSES
Credit cards, phishing,
point-of-sale compromise, etc
Federal ...
CYBERSECURITY THREATS BY INDUSTRY
WEBSITE
Malicious code injection
and exclusion from core security
National Programs and ...
FOR MORE CYBERSECURITY
RESOURCES FOR GOVERNMENT
REAL ESTATE INVESTORS, VISIT
JLL.COM/CYBERSECURITY
Upcoming SlideShare
Loading in …5
×

Cybersecurity and its impact on your commercial real estate portfolio

1,953 views

Published on

The global cybersecurity market is currently worth more than $107 billion in 2015 and is expected to grow to more than $170 billion by 2020—an annual growth rate of almost 10 percent. In federally leased real estate, more than $32 billion was spent in the last decade on cybersecurity, with trillions more planned for the decade to come.

Join us as we introduce you to the world of cybersecurity—what it is, where it is, how it’s funded, and most importantly – how it impacts your real estate investments.

Published in: Business
  • Be the first to comment

  • Be the first to like this

Cybersecurity and its impact on your commercial real estate portfolio

  1. 1. DEFINING CYBERSECURITY THE IMPACT ON YOUR COMMERCIAL REAL ESTATE PORTFOLIO
  2. 2. The global cybersecurity market is currently worth more than $107 billion in 2015 and is expected to surpass $170 billion by 2020—an annual growth rate of almost 10%. As the largest practice group of its kind in the country, JLL’s Government Investor Services team closely tracks issues, like cybersecurity, that impact federally-leased real estate. With more than $32 billion spent in the past decade and trillions more planned for the decade to come, we anticipate that cybersecurity will renew federal leasing velocity in ways not seen since the stimulus package of 2009. JLL’S INTRODUCTION TO CYBERSECURITY FOR GOVERNMENT REAL ESTATE INVESTORS WILL COVER: WHAT CYBERSECURITY IS INFRASTRUCTURE CONSIDERATIONS SPECIFIC INDUSTRY THREATS GLOSSARY OF KEY TERMS THE IMPACT ON YOUR COMMERCIAL REAL ESTATE PORTFOLIO
  3. 3. DEFINING CYBERSECURITY
  4. 4. The federal real estate market has experienced a significant decrease in demand in the first half of this decade. Executive Mandates requiring reduction in space consumption; Congressional consensus regarding per person space utilization compression; increase in teleworking among federal employees, all have coalesced into an unprecedented flat demand horizon. With all of the focus on austerity and reduction in federal space consumption, however, there is an area of growth emerging with not only regional, but national impact; not only public economic impact, but impact on the macro economy/private sector. Cybersecurity, cyberwarfare and the ripple effects of cyber focused growth spending will be felt all over the Washington region. This report explores and explains CyberSecurity as a policy movement and the potential impact its implementation could have on the commercial real estate market. DEFINING CYBERSECURITY
  5. 5. The effects of the Initiatives, Acts and Orders outlined above have already had an impact on the DC Metro Commercial RE market: Not only do they create growth potential within individual agencies across the country as civilian agencies seek to operationalize the mandate/order to improve critical infrastructure internally but these policies also establish the foundation of the Civilian Cyber Campus Lastly, the Workforce Recruitment and Retention Act of 2014 stands to be a transformational piece of legislation for the Washington regional economy. Similar to the migration of talent into the region during the Stimulus Boom of 2008 through 2010, if the Government prioritizes attracting top tech DEFINING CYBERSECURITY talent through offering compensation packages comparable to the private sector, every sector of the DC metro economy could be affected–from multi-family housing to retail to, most notably, commercial office.
  6. 6. DEFINING CYBERSECURITY A GLOSSARY
  7. 7. This glossary is a collection of commonly used cyber related terms. It is meant as a primer for understanding basic industry terminology. For the purposes of this list, terms have been divided into either Offensive or Defensive connotations—although many of the terms apply to both. A GLOSSARY: OFFENSIVE CYBERSECURITY
  8. 8. A GLOSSARY: OFFENSIVE CYBERSECURITY OFFENSIVE CYBER ATTACK (CYBERATTACK) – An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity. There are 5 main attack types: 1. PHISHING – An attack designed to deceive individuals into providing sensitive information. 2. SPOOFING – Faking the sending address of a transmission to gain unauthorized entry into a secure system. 3. DENIAL OF SERVICE – An attack that prevents or impairs the authorized use of resources or services. 4. TROJAN HORSE – A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms. 5. MALWARE – Software that compromises the operation of a system by performing an unauthorized function or process. BOT – A computer connected to the Internet that has been compromised with malicious intent to perform activities under remote control.
  9. 9. A GLOSSARY: OFFENSIVE CYBERSECURITY OFFENSIVE CYBER BOTNET – A collection of computers compromised by malicious code and controlled across a network. CYBERTHREAT – The possibility of a malicious attempt to damage or disrupt a computer network or system. DATA BREACH – The unauthorized movement or disclosure of sensitive information to a party that is not authorized to have or see the information. DATA MINING – The process or techniques used to analyze large sets of existing information to discover previously unrevealed patterns or correlations. HACKER – An unauthorized user who attempts to or gains access to an information system. KEYLOGGER – Software or hardware that tracks keystrokes, usually secretly, designed to be monitored by an alternate user. SPAM – The abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages. SPYWARE – Software that is secretly installed into an information system without the knowledge of the system user or owner.
  10. 10. A GLOSSARY: OFFENSIVE CYBERSECURITY OFFENSIVE CYBER THEFT – The primary goal of hackers, cyber related theft typically is either: 1. IDENTITY THEFT 2. INTELLECTUAL PROPERTY THEFT (i.e. patents, trademarks, trade secrets and copyrights) VIRUS – A computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propagate to another computer. ZERO-DAY ATTACKS – An attack that exploits a previously unknown vulnerability in a computer application or operating system, one that developers have not had time to address and patch.
  11. 11. A GLOSSARY: OFFENSIVE CYBERSECURITY DEFENSIVE CYBER ANTISPYWARE SOFTWARE – A program that specializes in detecting and blocking or removing forms of spyware. CLOUD COMPUTING – An on-demand network of “shared pool” computing resources. COMPUTER NETWORK DEFENSE – The actions taken to defend against unauthorized activity within computer networks. CRITICAL INFRASTRUCTURE – The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters. CYBERSECURITY – Protecting computers, mobile devices, tablets, networks, programs and data from unauthorized access or manipulation. CYBERSPACE – The interdependent network of information technology infrastructures. Cyberspace includes the Internet, telecommunications networks, computer systems, and embedded processors and controllers. DARK FIBER NETWORK – A privately operated network of optical fiber cabling that is used for secure and direct communication and data exchange between facilities
  12. 12. A GLOSSARY: OFFENSIVE CYBERSECURITY DEFENSIVE CYBER DIGITAL FORENSICS – Gathering, retaining, and analyzing system-related data (digital evidence) for investigative purposes. FIREWALL – A capability to limit network traffic between information systems. NETWORK RESILIENCE – The ability of a network to: 1. Provide continuous operation. 2. Recover effectively if failure does occur. 3. Scale to meet rapid or unpredictable demands. REDUNDANCY – Additional systems, assets, or processes that maintain a degree of overall functionality in case of loss or failure of another system. SCIF – Sensitive Compartmented Information Facility - an enclosed area within a building that is used to process classified information
  13. 13. DEFINING CYBERSECURITY THE INFRASTRUCTURE LANDSCAPE
  14. 14. THE INFRASTRUCTURE LANDSCAPE With cybersecurity growing as a major concern for both the government and the private sector, the Federal Government is at the forefront of coordinating a national response. Investors and owners of federally-leased assets need to understand the basic framework of the federal cybersecurity plan to know what implications the Government’s strategy may have on federally-occupied buildings. As various federal agencies are given new responsibilities and mandates, expansion and growth opportunities arise. Alternately, agencies not favored with cybersecurity-linked funding may continue to experience right-sizing and reduction. For the private sector, understanding your tenants’ cyber-related role will give you a competitive edge in the market as their space needs over the coming decades can be affected by what kind of attack they are guarding against. Each major industry will care about different types of cyber threats and the various agencies are involved in protecting them.
  15. 15. THE INFRASTRUCTURE LANDSCAPE FARMS/FOOD PROCESSING PLANTS CABLE FIBER DELIVERY SERVICES (E.G TRUCKS) GOVERNMENT FACILITIES HOSPITALS RAILROADS, HIGHWAYS, PIPELINES, PORTS DAMS, RESERVOIRS, TREATMENT PLANTS NUCLEAR POWER PLANTS CORPORATIONG/ INSTITUTIONS POWER PLANTS PHYSICAL INFRASTRUCTURE
  16. 16. THE INFRASTRUCTURE LANDSCAPE CYBER INFRASTRUCTURE INFORMATION TECHNOLOGY CONTROL SYSTEMS HARDWARESOFTWARE INTERNET
  17. 17. THE INFRASTRUCTURE LANDSCAPE FOOD & AGRICULTURE DAMS ENERGY CRITICAL INFRASTRUCTURE BANKING & FINANCE CHEMICAL COMMERCIAL FACILITIES COMMUNICTATIONS CRITITCAL MANUFACTURING DEFENSE INDUSTRIAL BASE EMERGENCY SERVICES
  18. 18. THE INFRASTRUCTURE LANDSCAPE GOVERNMENT FACILITIES HELTHCARE & PUBLIC HEALTH CRITICAL INFRASTRUCTURE NATIONAL MONUMENTS & ICONS INFORMATION TECHNOLOGY NUCLEAR REACTORS, MATERIALS & WASTE POSTAL & SHIPPING TRANSPORTATION WATER
  19. 19. DEFINING CYBERSECURITY CYBERSECURITY THREATS BY INDUSTRY
  20. 20. CYBERSECURITY THREATS BY INDUSTRY With cybersecurity growing as a major concern for both the government and the private sector, the Federal Government is at the forefront of coordinating a national response. Investors and owners of federally-leased assets need to understand the basic framework of the federal cybersecurity plan to know what implications the Government’s strategy may have on federally-occupied buildings. As various federal agencies are given new responsibilities and mandates, expansion and growth opportunities arise. Alternately, agencies not favored with cybersecurity-linked funding may continue to experience right-sizing and reduction. For the private sector, understanding your tenants’ cyber-related role will give you a competitive edge in the market as their space needs over the coming decades can be affected by what kind of attack they are guarding against. Each major industry will care about different types of cyber threats and the various agencies are involved in protecting them.
  21. 21. CYBERSECURITY THREATS BY INDUSTRY BANKS Denial-of-service, fraud, botnets and web authentication attacks US Secret Service (USSS) Department of Treasury Office of the Comptroller of the Currency (OCC) Securities and Exchange Commission (SEC) Consumer Financial Protection Bureau (CFPB)
  22. 22. CYBERSECURITY THREATS BY INDUSTRY CREDIT CARD PROCESSORS Denial-of-service, fraud, botnets and web authentication attacks Internal Revenue Service (IRS) Consumer Product Safety Commission (CSPC) Department of Treasury Federal Bureau of Investigation (FBI) US Secret Service (USSS)
  23. 23. CYBERSECURITY THREATS BY INDUSTRY DEFENSE/INDUSTRIAL SECTOR Zero-day hacks, remote access and phishing Department of Defense (DoD) National Protection and Programs Directorate (NPPD)
  24. 24. CYBERSECURITY THREATS BY INDUSTRY HOSPITALITY Point-of-sale compromise (credit cards), open Wifi and admin accounts US Secret Service (USSS)
  25. 25. CYBERSECURITY THREATS BY INDUSTRY HOSPITALITY Phishing, zero-day attacks and data breach Federal Communications Commission (FCC Federal Trade Commission (FTC)
  26. 26. CYBERSECURITY THREATS BY INDUSTRY RETAIL Open Wifi, point-of-sale compromise and data breach Federal Bureau of Investigation (FBI) US Secret Service (USSS) Consumer Products Safety Commission (CPSC)
  27. 27. CYBERSECURITY THREATS BY INDUSTRY SMALL & MEDIUM BUSINESSES Credit cards, phishing, point-of-sale compromise, etc Federal Bureau of Investigation (FBI) Small Business Administration (SBA) Department of Treasury
  28. 28. CYBERSECURITY THREATS BY INDUSTRY WEBSITE Malicious code injection and exclusion from core security National Programs and Protectorate Directorate (NPPD) Department of Homeland Security (DHS) Federal Communications Commission (FCC)
  29. 29. FOR MORE CYBERSECURITY RESOURCES FOR GOVERNMENT REAL ESTATE INVESTORS, VISIT JLL.COM/CYBERSECURITY

×