Federal guidance on cyber insurance policies is the focus of a new bipartisan Senate bill introduced on Feb. 21 that aims to protect businesses and consumers against cyberattacks. (PoliticoPro, Feb. 21)
- The Insure Cybersecurity Act will direct the National Telecommunications and Information Administration (NTIA) to mitigate digital risk by developing recommendations for issuers, agents, brokers, and customers to improve communication over cybersecurity insurance coverage levels.
- Co-sponsored by Sens. John Hickenlooper (D-CO) and Shelley Moore Capito (R-WV), the bill also directs a NTIA task force to develop policy recommendations relating to ransomware or ransom payments, and the “terminology used in policies to include or exclude losses” due to cyber terrorism or acts of war.
- Hickenlooper is the new chair of the Commerce Committee’s Subcommittee on Consumer Protection, Product Safety, and Data Security.
- A 2021 Government Accountability Office report found that ambiguity in policy language can result in misunderstandings and litigation between issuers and policyholders—and underestimations of coverage needed to protect against cyber risks.
The Roundtable’s Homeland Security Task Force continues working with the Real Estate Information Sharing and Analysis Center (RE-ISAC), federal officials, and real estate companies about threats to the business cyber environment with the aim of mitigating cyber intrusions.
# # #
The Treasury Department’s Financial Crimes Enforcement Network (FinCEN) warned financial institutions this week about how Russian elites and their proxies may attempt to evade sanctions by exploiting vulnerabilities in the U.S. commercial real estate market. (FinCEN Alert | Bloomberg and Wall Street Journal, Jan. 25)
- Treasury has imposed wide-ranging sanctions on certain Russian elites, their proxies, and others who have provided support for Russia’s brutal war against Ukraine. (Treasury’s Sanctions List Updates)
- FinCEN Acting Director Himamauli Das said, “Today we are identifying red flags and typologies in commercial real estate transactions that financial institutions can use to remain vigilant in monitoring, detecting, and reporting suspicious activity that may be indicative of sanctions evasion by sanctioned Russia elites, oligarchs and their proxies.” (Treasury news release, Jan. 25)
- FinCEN’s 11-page alert warns that sanctioned Russian elites and their proxies may pose as CRE investors seeking to evade sanctions by using shell companies, trusts, and pooled investment vehicles, including offshore funds, in order to avoid customer due diligence obligations and beneficial ownership protocols established by financial institutions.
- The alert also reminds financial institutions involved in loan syndication—including banks, life insurers, and other types of companies regulated by the Bank Secrecy Act—that Section 314(b) of the USA PATRIOT Act provides a safe harbor that offers protections from liability for financial institutions who share information with one another on suspected money laundering or terrorist activities.
- Questions or comments regarding the alert should be sent to the FinCEN Regulatory Support Section at email@example.com.
The Treasury Department issued a final rule last Sept. that will require millions of companies to report information about their “beneficial owners”—persons who own at least 25% of a company or exert significant authority over it—to FinCEN. (Roundtable Weekly, Sept. 30, 2022 | Final Treasury Rule | Fact Sheet | Wall Street Journal and Bloomberg Law, Sept. 29)
# # #
This week, U.S. security officials released information on their efforts to secure the nation’s election infrastructure and protect American voters from intimidation, discrimination or threats of violence related to the Nov. 8 midterm elections. The potential for political violence, cyberattacks and mitigation strategies were also among the topics of discussion during yesterday’s Real Estate Roundtable Homeland Security Task Force (HSTF) virtual meeting. (Presentation to HSTF | Justice Department bulletin and Politico, Oct. 24)
- As election sites and offices are hardening formerly soft targets, hiring security guards, and installing bulletproof and bomb-resistant glass, the HSTF meeting featured a discussion with Mohamed Telab—Deputy Regional Director (DRD) for the Cybersecurity and Infrastructure Security Agency’s (CISA) Region II—on federal resources available for securing elections. (Axios, Oct. 9 and CISA website)
- Earlier this month, CISA Director Jen Easterly said, “At this time, we are not aware of any specific or credible threats to compromise or disrupt election infrastructure” although the current threat environment is “more complex than it has ever been.” (Politico, Oct. 24 and Reuters, Oct. 17)
- The FBI previously issued a public service announcement on Oct. 12 warning about election crimes and the Department of Homeland Security announced in June that “calls for violence by domestic violent extremists” against election workers, candidates and democratic institutions will likely rise closer to the midterms. (CNBC, Oct. 27)
- Domestic disinformation campaigns and homegrown threats to poll workers are emerging as the more significant concerns ahead of midterm elections than foreign interference. Extremists are reportedly focusing their efforts locally, monitoring neighborhood ballot boxes and signing up as poll workers. (Axios, Oct. 26)
The Roundtable’s HSTF and the Real Estate Information Sharing and Analysis Center (RE-ISAC) work closely with federal officials on potential cyber and physical threats to CRE. Roundtable members interested in participating in the HSTF or RE-ISAC can contact Roundtable Senior Vice President Chip Rodgers or call 202-639-8400.
# # #
The National Counterterrorism Center (NCTC) on Sept 28 will preview its new aCTknowledge platform, designed to deliver timely situational awareness notifications covering terrorist events that may impact local communities.
How to Participate
- CRE participants can join the preview here:
- Wednesday, September 28 from 1:00–2:00 pm (ET)
- Zoom link
- Meeting ID: 833 6363 8044
- Passcode: 591990
- The aCTknowledge platform will provide significant tactics, techniques, and procedures to support homeland security, law enforcement, and community first responder efforts aimed at protecting against terrorist threats. Additionally, NCTC’s aCTknowledge will offer reference guides to aid in rapid response and deployment, helping with private sector efforts. (See fact sheet about the new platform)
- The Roundtable—through our Homeland Security Task Force (HSTF) and partnership with the Real Estate Information Sharing and Analysis Center (RE-ISAC)—remains focused on increased cross-agency information sharing and cooperation with key law enforcement and intelligence agencies that benefit the industry.
- The RE-ISAC sends a daily report to members to share actionable information on a variety of potential cyber and physical threats. Additionally, The Roundtable’s HSTF works closely with federal, state, and local law enforcement, intelligence agency partners, and the RE-ISAC on risk mitigation measures that CRE businesses may consider to help protect critical infrastructure.
See The Roundtable’s 2022 Annual Report’s Homeland Security section.
# # #
The Department of Homeland Security (DHS) issued a National Terrorism Advisory System Bulletin this week, warning of a “heightened threat environment” affecting targets that encompass U.S. critical infrastructure, public gatherings, faith-based institutions, schools, racial, ethnic, and religious minorities, government facilities and personnel, the media, and perceived ideological opponents. (DHS Bulletin, June 7)
CRE & Security Threats
- The bulletin, which expires Nov. 30, said calls for violence by domestic extremists directed at democratic institutions, candidates and election workers will likely increase through the fall. (Associated Press, June 7)
- DHS’s Cybersecurity and Infrastructure Security Agency (CISA) continues to work with government and private sector partners—including owners and operators of critical infrastructure, soft target facilities, and public gathering places—to provide information resources on Active Shooters, Bombing Prevention, and Soft Targets-Crowded Places.
- DHS partners include The Roundtable’s Homeland Security Task Force (HSTF) and The Real Estate Information Sharing and Analysis Center. RE-ISAC is a public-private information sharing partnership between the U.S. commercial facilities sector and federal homeland security officials organized and managed by The Real Estate Roundtable.
- HSTF and The Roundtable’s Risk Management Working Group (RMWG) will hold a joint meeting on June 17 in conjunction with The Roundtable’s Annual Meeting in Washington, DC. Guests will include:
- National Football League security Chief Cathy Lanier, above, the new chair of the Commercial Facilities Sector Coordinating Council. (Video: “Cathy Lanier explains her role as the NFL’s Chief Security Officer”)
- Former NYPD commissioner Dermot F. Shea, president of Related Commercial Property Management
- A representative from the FBI’s Counterterrorism Division
- Nitin Natarajan, Deputy Director for the Cybersecurity and Infrastructure Security Agency (CISA)
- Three real estate CEOs who have served on The Roundtable’s Board of Directors joined 225 other national business leaders in a joint letter to the Senate yesterday, urging “bold urgent action” to address gun violence. (CBS News, June 10)
- Roundtable members Owen Thomas (CEO & Director, Boston Properties/BXP), Scott Rechler, (Chairman and CEO, RXR) and William Rudin (Co-Chairman & CEO, Rudin Management Company) are signatories on the joint letter.
- The letter states, “Taken together, the gun violence epidemic represents a public health crisis that continues to devastate communities—especially Black and Brown communities—and harm our national economy.” (CNBC, June 10)
- Roundtable President and CEO Jeffrey DeBoer issued a May 27 statement on gun violence in America, calling on Democrats and Republicans “… to pass common sense legislation to remove weapons of war from America’s cities and communities.”
The Roundtable’s 2022 Roundtable Policy Agenda states, “As a critical part of the nation’s infrastructure, real estate continues to face an array of threats from natural catastrophes, international and domestic terrorism, criminal activity, cyber-attacks, and border security. To address such threats, The Roundtable continues to help build a more secure and resilient industry against both physical and cyber threats.”
# # #
Lieutenant Colonel (Ret.) Alexander Vindman, Senior Advisor of VetVoice Foundation, today discussed the conflict in Ukraine during a Real Estate Roundtable virtual town hall. In recent years, Vindman served on the White House’s National Security Council as the Director for Eastern Europe, the Caucasus, and Russia. (Watch video discussion)
Focus on Ukraine
- Vindman and Roundtable President and CEO Jeffrey DeBoer addressed Ukraine in the context of Democracy vs. Authoritarianism, the spillover effects of the war, and the need for a future international reconstruction effort.
- “It’s a geopolitical earthquake that has unfolded over the past year, culminating in a war between the largest country in the world and the largest country in Europe,” Vindman stated.
- In addition to the devastating human and physical destruction, the war’s spillover effects include interruptions to the supply of crucial commodities such as neon and titanium, and food supplies for the Middle East and Africa.
- “The longer this war continues, the greater the chance of spillover,” Vindman said, citing the Russian attack on a Ukrainian nuclear power plant, and the potential use of cyberwarfare and chemical weapons.
- He added the war’s eventual outcome will be a significant setback to Authoritarianism – and that the West should keep a door open for a reconciliation with Russia after Putin is gone.
- Vindman and DeBoer also discussed the need for an enormous reconstruction effort, which Vindman said could amount to $100 billion international fund that could take the form of a public-private partnership. (Watch video discussion)
- Roundtable members can support Ukraine against the Russian invasion via the VetVoice Foundation.
- Since the invasion of Ukraine began, over 450 U.S. companies have announced their withdrawal from Russia, shutting down 25% of Russia’s gross domestic product (GDP), according to Professor Jeffrey Sonnenfeld at the Yale Chief Executive Leadership Institute. Sonnenfeld’s research team maintains a list of companies that have either withdrawn from Russia completely, suspended or scaled back operations, or delayed investments. (Fortune, March 16)
- Many American Hotel & Lodging Association members, including Hilton and Marriott International, recently announced donations for humanitarian aid; the closure of their corporate offices in Moscow; and a suspension all future hotel development and investment in Russia. (TravelPulse, March 21 and Roundtable Weekly, March 18)
White House CyberSecurity Warning
- President Joe Biden alerted U.S. business leaders on March 21 that “based on evolving intelligence, Russia may be planning a cyberattack against us.” Biden added, “[I]t’s a patriotic obligation for you to invest as much as you can in making sure … you have built up your technological capacity to deal … with cyberattacks.” (Remarks by President Biden | White House Statement | Fact Sheet: Act Now to Protect Against Potential Cyberattacks, March 21)
- The growing concern about a possible Russian cyberattack response over U.S. sanctions also led White House Deputy National Security Adviser for Cyber and Emerging Technology Anne Neuberger, above, to clarify that although “there is no certainty” of an attack, Biden’s warning was intended to focus attention on “critical infrastructure.” (White House Press Briefing video | BGov and Axios, March 21)
The Real Estate Roundtable’s Homeland Security Task Force and the Real Estate Information Sharing and Analysis Center (RE-ISAC) continue to work with its members, key law enforcement and intelligence agencies to help manage and mitigate cyber and physical threats to the commercial facilities sector. (Information on joining the RE-ISAC and Roundtable Weekly, March 4)
# # #
The Securities and Exchange Commission (SEC) on March 9 issued a proposed rule that would require publicly traded companies to disclose a cybersecurity incident within four days of determining a breach is “material,” or important to the average investor. (BGov, March 11 and SEC News Release | Proposed Rule | Fact Sheet)
Proposed SEC Requirements
- SEC Chair Gary Gensler, above, said, “Today, cybersecurity is an emerging risk with which public issuers increasingly must contend. I am pleased to support this proposal because, if adopted, it would strengthen investors’ ability to evaluate public companies’ cybersecurity practices and incident reporting.” (Bloomberg, March 9)
- An SEC spokesperson noted that the crisis in Ukraine gave these proposals “special relevance.” (CNBC, March 9 and see story below on The Roundtable’s upcoming March 25 discussion on the Ukraine conflict)
- The proposed SEC amendments would include requirements around reporting material cybersecurity incidents – and providing periodic updates for previously reported cybersecurity incidents. (Wall Street Journal, March 9)
- The proposal also would require periodic reporting related to:
- a registrant’s policies and procedures to identify and manage cybersecurity risks;
- the registrant’s board of directors’ oversight of cybersecurity risk; and
- management’s role and expertise in assessing and managing cybersecurity risk and implementing cybersecurity policies and procedures.
- The Real Estate Roundtable is planning to provide comments on the SEC proposal in advance of the May 9, 2022 submission deadline and looks forward to Roundtable members’ input. The proposed four-day reporting timeframe for companies to provide cyber disclosures may not provide enough time for companies to discover the full extent of an incident. (BGov, March 11)
- An Audit Analytics report released last year showed the number of cybersecurity intrusions reported by public companies increased from 28 breaches in 2011 to 117 in 2020.
- The average cost of a corporate data breach was $4.24 million in 2021, according to an annual IBM Security report.
- Separately, the $1.5 trillion omnibus bill spending bill enacted on March 11 included the Cyber Incident Reporting for Critical Infrastructure Act. The legislation establishes a narrower 72-hour window for critical infrastructure owners and operators to disclose a cyberattack to the Cybersecurity and Infrastructure Security Agency (CISA). Certain businesses are also required to report any ransom payments to the federal government within 24 hours, among other changes. (Brownstein Hyatt Farber Schreck, March 14)
- The Real Estate Roundtable’s Homeland Security Task Force (HSTF) is coordinating briefings on the following security threats through the Real Estate Information Sharing and Analysis Center (RE-ISAC):
- April: DHS Sector Outreach and Programs (Active Shooter, and other soft target resources for the Commercial Facilities Sector)
- May: DHS Fusion Center overview
- June: US Secret Service cybercrime
- August: The Protective Security Advisor Program
- September: FBI cybersecurity/cybercrimeNovember: The InfraGard program
Roundtable members interested in participating can contact Andy Jabbour of the RE-ISAC.
# # #
The Real Estate Roundtable’s Virtual 2022 State of the Industry (SOI) Meeting this week included discussions with national policymakers and industry leaders on the future of the Build Back Better (BBB) Act, the Fed and monetary policy, energy policy, regulatory oversight of ESG reporting, along with equity, diversity and inclusion issues in CRE. The Roundtable’s policy advisory committees also met, drilling down on timely issues with policy and industry experts in the areas of tax, sustainability, capital and credit, and homeland security.
Speakers & Policy Issues
Roundtable Chair John Fish (Chairman and CEO, Suffolk), right, and Roundtable President and CEO Jeffrey DeBoer, left, launched the meeting and led discussions with three U.S. Senators and other prominent policymakers, including:
- Sen. John Thune (R-SD)
Senate Republican Whip
Committees: Senate Commerce, Finance, Agriculture
… joined Roundtable Board Member Ross Perot. Jr. (Chairman, Hillwood) to discuss upcoming Senate legislation and the political outlook.
- Sen. Amy Klobuchar (D-MN)
Committees: Joint Economic, Senate Commerce, Judiciary, and Rules
… expressed her support for the recently-enacted bipartisan infrastructure bill and additional pandemic aid for the hard-hit tourism industry and hospitality sectors.
- Sen. Catherine Cortez Mastro (D-NV)
Committees: Senate Finance, Banking, and Energy
… noted her support for expanding the low-income housing tax credit to build affordable homes for working families, along with business incentives to invest in energy efficiency projects.
- John Kerry
President Biden’s Special Envoy for Climate and former Secretary of State
… discussed the significant role of the real estate industry in efforts to combat the impact of climate change and emphasized the need for nations to adopt new green energy technologies.
- Larry Summers
Former Treasury Secretary under President Clinton and Former White House National Economic Council Director under President Obama
… discussed a wide range of policy topics, including his views on the Fed’s reaction to market volatility, inflation, and the tight labor market. (Watch Summers video)
Equity, Diversity & Inclusion
- The SOI meeting also included a discussion about exploring a potential industry initiative that would aim to accelerate opportunities for minority and women business enterprises (MWBEs) in the commercial real estate industry.
- The goals of the initiative were discussed by The Roundtable’s Equity, Diversity and Inclusion (E,D&I) Committee Chairman, and Roundtable Board Member, Jeff Blau (CEO, Related Companies); Ken McIntyre, CEO of The Real Estate Executive Council; and Thomas Baltimore, Jr., Chairman, President and CEO of Park Hotels & Resorts.
Roundtable Policy Advisory Committees
(Above: Sustainability Policy Advisory Committee (SPAC) Chair Tony Malkin (Chairman, President and CEO, Empire Realty Trust), right, and Roundtable SPAC Liaison, Senior Vice President and Counsel Duane Desiderio, left.)
The Roundtable’s policy advisory committee meetings on Jan. 25-26 analyzed national issues impacting CRE, including:
- Research and Real Estate Capital Policy Advisory Committees (RECPAC)
Rep. French Hill (R-AR) provided his insights on the congressional legislative agenda from his perspective as a member of the House Financial Services Committee and Ranking Member of its Subcommittee on Housing, Community Development and Insurance. Research Committee co-chairs Spencer Levy (CBRE’s Global Chief Client Officer) and Paula Campbell Roberts (KKR Managing Director) provided their perspectives on real estate capital markets. RECPAC co-chair Kathleen Farrell, Head of Commercial Real Estate for Truist, moderated a joint committee meeting capital market discussion, along with co-chairs Gregg Gerken, Head of Commercial Real Estate with TD Bank, and Mike Lowe, Co-CEO with Lowe.
- Tax Policy Advisory Committee (TPAC)
Potential tax revenue policies that may be considered by Congress were a focus of a discussion moderated by Russ Sullivan (Brownstein Hyatt Farber Schreck) with Bethany Bell, staff director for the House Ways and Means Subcommittee on Select Revenue Measures. Additionally, Derek Theurer, chief tax counsel for Ways and Means’ Republicans, discussed tax legislative priorities prior to the upcoming mid-term elections.
- Homeland Security Task Force (HSTF)
HSTF members were briefed on the escalation of organized “smash and grab” looting incidents affecting the retail sector by Dan Kennedy, Senior Vice President of US Security Operations for Unibail-Rodamco-Westfield, Chris Woiwode, Vice President and Chief Security Officer for Macerich and Terry Monahan, former New York City Senior Advisor for Recovery Safety Planning and NYPD Department Chief. Additionally, HSTF co-chairs Amanda Mason (Executive Director of Global Intelligence for the Related Companies) and Keith Wallace (Vice President for Global Safety & Security with Marriott International) led HSTF in a discussion on current threats to CRE and mitigation strategies. (HSTF on Jan. 20 held a virtual exercise simulating hostile events and adverse weather impacting CRE).
- Sustainability Policy Advisory Committee (SPAC)
Environmental Protection Agency (EPA) staff demonstrated a new, powerful Building Emissions Calculator to estimate historical, current and future annual greenhouse gas emissions resulting from a building’s energy use. SPAC also discussed the SEC’s expected rule on Environmental, Social, and Corporate Governance (ESG) reporting requirements. (Reuters, Jan. 19). Additional speakers from the U.S. Energy Information Administration provided an update on the Commercial Building Energy Consumption Survey (CBECS), which tracks federal data on U.S. CRE energy use.
Next on The Roundtable’s FY2022 meeting calendar is the Spring Meeting on April 26. This meeting is restricted to Roundtable-level members only.
# # #