Accounting firm introduces cybersecurity practice for mortgage lenders

by Francis Monfort13 Mar 2018

Accounting and advisory firm Richey May has introduced a cybersecurity services practice aimed at mortgage lenders and services.

The firm said it launched Richey May Technology Solutions to address the increasing risk of online fraud and data attacks in the financial services and real estate industries.

Through the practice, Richey May offers IT infrastructure and controls assessment, recommendations, and implementation assistance. Additionally, lenders and servicers that do not have information security professionals on staff can hire Richey May to act as a chief information security officer on a contract basis.

The firm has appointed John-Thomas Gaietto as executive director of the practice. He joined the firm last fall, bringing more than 18 years of experience providing enterprise information security and risk-management services.

“No industry works with as much sensitive consumer data than the mortgage industry,” Gaietto said. “They have everything about a borrower’s finances, from paystubs to tax returns to the Social Security numbers of their children. They’re also required to retain this data for years, which compounds the challenges of storing it securely and keeping it out of the hands of cyber criminals.

“Since a growing number of lenders now use loan origination systems and other software over the Internet, and are migrating IT infrastructure to the cloud, they are often unaware of how their borrowers’ data is being protected, let alone where the data is physically located,” he added. “Many assume their cloud providers oversee protecting data as well, when it is typically a shared responsibility between the lender and the provider.”


Related stories:
Equifax data breach worse than originally reported
Fed keeping an eye on banks for impact of Equifax breach


Should CFPB have more supervision over credit agencies?