Client Bulletin: February 20, 2024

Cyberattacks in our industry are becoming more common. We’re listening, watching for incoming cyber threats and ready to take action.

In January of this year, threat intelligence recommended entities remain at a Guarded cyber threat level. We are just that — guarded.

Hackers are gaining unauthorized access to networks with phishing, SIM swapping, social engineering and password attacks. We remain vigilant and in a heightened state of alert, with increased monitoring, and proposing and implementing additional improvements to strengthen our security posture (e.g. Exchange Online Protection, Self-Service Password Reset (SSPR), automatic training enrollment in phish simulation failure, Security Copilot and Automatic Attack Disruption). These efforts leverage best-in-class cloud native security tools that allow us to continually evolve our intelligence-driven, multiple defense layers to stop hackers at the front door, halt malicious movement in our networks, prevent sensitive data from being stolen from our networks and rapidly respond in event of a breach.

Cyber incident response is a key aspect of Cenlar’s overall information security program and tied to Business Resiliency Management. Cenlar’s Cyber Incident Response Team (CIRT) is led by the CISO and made up of a cross-functional team of Cenlar senior leaders and managers who can leverage industry experts, through our cyber insurance carrier, across specialized functions to ensure each response is well tailored to the challenges presented by any incident.

The CIRT follows an industry-standard incident response lifecycle that manages cyber incidents and specifies actions and escalations, mitigates, resolves and notifies stakeholders of incidents impacting business operations or affecting the confidentiality, integrity or availability of customer and client data. The cyber incident response plan and playbooks are reviewed and exercised at least annually. Following the successful remediation and resolution of a data incident, the incident response team evaluates the lessons learned from the incident. If follow-up work is required, the incident response team develops an action plan to complete that work and assigns project managers to lead the long-term effort.

Our system learns from cyber-attacks on other companies to better posture Cenlar’s defense, leveraging relevant feeds, such as:

  • Our dark web monitoring service
  • Open Source Intelligence
  • Financial Services Information Sharing and Analysis Center (FS-ISAC) forums and groups
  • Cybersecurity and Infrastructure Security Agency (CISA) posts
  • Microsoft threat intelligence signals

These resources inform our 24/7 Security Operations Center (SOC) analysts monitoring for threats, alerting as necessary. Additionally, our endpoint detection and response automated security tools can disrupt an adversary’s Cyber Kill Chain.

We will be sure to keep you updated as the environment and our approach evolves.

We’d Love to See You in Orlando This Week!

We can’t wait to see you this week in Orlando for the MBA Servicing Solutions Conference.

If you haven’t yet set up time to meet with us during the conference, please email your Executive Client Manager. We’d love to discuss how we can further strengthen our partnership and enhance the service we provide you and your homeowners.


Cenlar SVP Ingrid Jaschok to Speak at MBA Servicing Solutions Conference

Senior Vice President of Default Operations Ingrid Jaschok will be speaking on a panel at the Mortgage Bankers Association Servicing Solutions Conference & Expo in Orlando, titled “Climate Risk Track: The Future of Inspecting and Preserving Residential Properties.”

The session, scheduled for 3:45 p.m. on Thursday, Feb. 22 in the Windmere Ballroom X at the Hyatt Regency Orlando, will discuss the numerous risks and challenges associated with protecting and preserving residential housing, which could impact future homeownership and fulfillment. Topics include complying with state and local laws, protecting and preserving communities, mass exodus of the inspection and preservation workforce, sustainable and energy efficient housing and more.

Jaschok will be joined by moderator Jodi Gaines (Chief Client Officer at Insight One Solutions) and panelists William Collins (Director, HUD National Servicing Center, U.S. Department of Housing and Urban Development), Kimberly Dawson (Director, Real Estate Fulfillment at Fannie Mae) and Michael Greenbaum (Chief Operating Officer at Safeguard Properties).

As SVP of Default Operations, Jaschok oversees all of Cenlar’s business segments within the default servicing portfolio including early and late-stage default. She has more than 25 years of experience in call center operations, loan administration, mortgage loan servicing, loss mitigation, bank and non‐bank financial institution management, as well as regulatory and compliance oversight. Prior to joining Cenlar, she was Senior Director and Senior Vice President of Default Servicing at Flagstar Bank. She was also Senior Vice President of Vulnerability Management at Citibank where she assisted the team with a start-up of Vulnerability Remediation in the Global Technology areas. Before Citibank, Jaschok was Executive Vice President of online auction operations at Auction.com, where she managed merchandising to transaction servicing processing. She also held leadership roles at both Freedom Mortgage and Mr. Cooper.


Enhanced Security Coming to CenAccess Later This Year

We are planning to introduce enhanced security for our CenAccess application through the addition of Multi-Factor Authentication (MFA) later this year.

MFA validation will be facilitated through the Microsoft (MS) Authenticator App. Once Cenlar activates MFA on CenAccess in either Q2 or Q3 of this year, users will need to download the Authenticator application to their mobile device and use it to perform MFA in order to access CenAccess. The MS Authenticator App is available in both the Apple App and Google Play stores via your mobile device at no cost.

On launch date, CenAccess users will receive a temporary password with guidance on how to setup and access CenAccess via MFA. After initial validation and on an ongoing basis upon CenAccess login, users will be provided a one-time code via the MS Authenticator App for additional authentication to enable login.

We are providing this information in advance of activation so that you can prepare your processes and users. However, Cenlar clients do not need to do much in preparation for this enhancement. You will need to alert your technology teams to enable your CenAccess users to download the MS Authenticator App onto their mobile devices, and inform CenAccess users of the coming enhancement and the need to download the app during the activation process. We will provide user setup instructions and reference materials to assist your CenAccess users through the process.

As we finalize details further, we will share with you the MFA activation date and process details.