When Trenam Law invited us to speak at their St. Pete office, I jumped at the chance. Talking with business owners and executives throughout Florida and beyond, I know that cybersecurity is one of those topics that can feel overwhelming, especially in commercial real estate (CRE). It’s a world full of complex deals, multiple vendors, sensitive client data—and not always the clearest digital guardrails.
So, we built our workshop, Cybersecurity Essentials for Multi-Partner Projects in Commercial Real Estate, around exactly that challenge: how do you keep your data safe when you’re not the only one touching it?
I was joined by Sequentur’s Chief Information Security Officer, Chris Capps—who holds two master’s degrees (Cybersecurity and Digital Forensics), a CISSP certification, and is currently working on his PhD in Governance, Risk Management, and Compliance. More importantly, he brings all of that brainpower down to earth in a way that makes cybersecurity feel understandable and actually doable. He’s the kind of person you want explaining these things.
Why Cybersecurity Matters in CRE
Let’s be real: Commercial real estate firms are holding a lot of sensitive information. Tenant records, lease agreements, financial data, system access logs—this is the kind of info hackers drool over. But unlike giant corporations with full security teams, many CRE firms rely on a patchwork of vendors and third-party partners to manage it all.
And that’s where things get risky.
We shared a few real-world case studies during the training—including Disney, American Express, and AT&T—that made this risk very real. These weren’t just cyberattacks—they were breaches caused by third parties. One downloaded the wrong file. Another forgot to turn off access after a contract ended. These were simple missteps with million-dollar consequences.
So What Can You Do?
That’s the question we built the workshop around. And here’s the answer: You don’t need to panic. But you do need a plan. A simple, doable plan that everyone in your organization—and your partners—can follow.
Some of the highlights we walked through:
- Know your data. What do you store, and where does it live? (Think lease files, email threads, CRM notes.)
- Use Multi-Factor Authentication (MFA). It’s quick to implement and blocks most credential-based attacks cold.
- Don’t email sensitive info. Use secure portals or encrypted sharing tools. We like Microsoft’s solutions, but the key is to ensure they are properly locked down.
- Train your people. Most breaches start with a click. Teaching staff to spot phishing attempts is one of the best investments you can make.
- Work with vendors who take security seriously. Ask them how they manage data and what their incident response process looks like. If their answer is vague, keep digging—or keep shopping.
The CRE Twist: Multi-Partner Projects
One thing that makes CRE unique is the sheer number of players on any given deal. Brokers, contractors, designers, lenders, property managers… it’s a party. But every new person is also a new potential vulnerability.
So we talked about:
- Creating a shared incident response plan before anything goes wrong
- Defining clear data-sharing rules—who gets access, when, and how
- Offboarding vendors securely (seriously—this part gets missed a lot)
- Building cybersecurity expectations right into contracts
It’s not about distrusting your partners. It’s about building habits that protect everyone involved.
Why Sequentur?
Chris leads our 24/7 Security Operations Center and helps organizations across the country stay ahead of cyber threats. My role is to help bridge the technical with the practical—to make sure that security doesn’t just live in some policy binder but in the day-to-day operations of your business.
We do a lot of education like this because we believe cybersecurity shouldn’t feel like an insider’s club. If we can help even one firm avoid a breach—or have a better response when something goes sideways—then that’s a win.
One Last Thought
Cybersecurity is a shared responsibility. Whether you’re negotiating leases or managing the building itself, protecting data is essential to safeguard your business. And, like most things in life, it’s a whole lot easier when you’ve got a good partner.
If you’re unsure where to begin—or just need a second set of eyes on your current setup—we’d love to talk. No pressure, no hard sell. Just honest answers from people who care.
;
