Cyber Fraud, Inside Threat Growing

Tuesday, December 1, 2015 @ 03:12 PM gHale

More companies are falling victim to fraud incidents as 75 percent of companies suffered a hit this past year which is a rise of 14 percent in just three years, a new survey said.

The findings also show the biggest fraud potential to companies comes from the inside threat, according to the survey by Kroll. Of those companies where fraud occurred and the perpetrator identified, four in five (81 percent) suffered at the hands of at least one insider, up from 72 percent in the previous survey.

More IoT Vulnerabilities Discovered
Connected ‘Things’ Continues to Grow
Attack Vector: Smart Coffee Makers
CCTV Cameras Form Botnet

More than one in three victims (36 percent) experienced fraud at the hands of a member of their own senior or middle management, 45 percent at the hands of a junior employee, and for 23 percent, the fraud resulted from the conduct of an agent or intermediary.

For companies that experienced information/data loss, theft or attack over the past 12 months, the most common cause was employee conduct, involved in 45 percent of incidents, with vendor/supplier activity involved in 29 percent of incidents. By comparison, only a small minority involved an attack by an external hacker on the company itself (2 percent) or on a vendor/supplier (7 percent).

One in three (33 percent) executives responding to the survey cite high staff turnover as the main driver of increased exposure to fraud. This is more than twice as many who named the next highest driver of vulnerability to fraud, greater outsourcing (16 percent).

“One of the most telling results from this year’s report is how vulnerable to fraud companies are feeling. In one form or another, the specter of fraud arises in virtually every business relationship. What our report drives home is that fraud is often an ‘inside job’ and that companies must address both internal and external relationships if they are to most effectively protect their money, property and private data,” said Daniel Karson, chairman at Kroll.

Overall, 69 percent of businesses suffered a financial loss as a result of fraud, up from 64 percent in the previous survey. Theft of physical assets was the most common fraud experienced (22 percent), followed by vendor, supplier or procurement fraud (17 percent) and information theft (15 percent).

In this age of security awareness, four in five respondents (80 percent) believe their organizations have become more vulnerable to fraud in the past year. Executives expressed particular concern around areas such as cyber risks, with more than half of respondents (51 percent) believing they are highly or moderately vulnerable to information theft. This increased awareness level has led to growth in the number of companies proactively looking after their information security requirements, with two-thirds (67 percent reporting they regularly conduct data and IT infrastructure assessments. A majority of respondents report they have an up-to-date information security incident response plan (60 percent) and have tested it in the past six months (59 percent).

“Human nature being what it is, fraud will always be with us, whether it occurs in a company’s corner office or a world away in its supply chain,” Karson said. “However, there are numerous strategies, resources and best practices available to companies that can go a long way toward helping them protect themselves and their investments.”