Hello, LOs!
Yesterday, Common Securitization Solutions (CSS) brought on Kelly Isikoff to be its chief information security officer.
It comes as the mortgage industry is still parsing out the impact of last week's Cloudstar ransomware attack and just what the impact on the industry will be.
In a statement announcing the move, Susan Gueli, CSS' chief technology officer and executive vice president, praised Isikoff's strong security expertise. Isikoff was previously cyber security business and strategy advisor at the Federal Reserve Bank of New York. She is a veteran of the cyber security sector, and in previous roles oversaw cybersecurity at Axis Capital, RenaissanceRe, JPMorgan Chase and Citigroup.
In prepared remarks, Gueli said that managing CSS' one million in mortgage-backed securities is "paramount to the stability of the U.S. mortgage finance market."
"As CISO, Kelly will play a critical role and lead a holistic Information Risk team, ensuring the integrity, availability, and confidentiality of our data and processes," Gueli said.
CISOs are responsible for protecting data systems from internal and external threats, such as the extensive, sophisticated ransomware attack that has left many of Cloudstar's data services offline for more than a week.
Should ransomware find its way into the mortgage securitization market, the effect could be far-reaching.
CSS, a private company jointly owned by Fannie Mae and Freddie Mac, administers $5 trillion in mortgage-backed securities, representing 27 million loans. Each month, its cloud-based service supports the issuance of over $200 billion in mortgage securities, according to the Bethesda, Maryland-based firm's website.
So, bringing in a seasoned expert in cybersecurity like Isikoff seems like a smart move, given the increasing concerns over ransomware attacks.
But creating a culture of cybersecurity is a systemic issue, Dustin Brewer, senior director of emerging technologies and innovation at IT trade association ISACA, tells me.
"We no longer just live in the physical world," Brewer said. "We live in the digital world, and we need to practice the same situational awareness that we do in the physical world."
Has your organization taken any additional steps since the Cloudstar attack last week? How often do you do trainings to prevent phishing attacks? How do you back up your files? Send me a note: gkromrei@housingwire.com
Georgia Kromrei
Senior Mortgage Reporter, HousingWire
EmoticonEmoticon