Top Reason to Hack: Information Theft

Friday, October 21, 2011 @ 12:10 PM gHale


Half of all companies are moderately to highly vulnerable to information theft, up sharply from 38 percent in 2010, according to a new survey.

Information-based industries continue to report the highest incidence of theft of information and electronic data. These include financial services (29 percent), technology, media and telecoms (29 percent), healthcare, pharmaceuticals and biotechnology (26 percent) and professional services (23 percent), according to the Kroll Annual Global Fraud Report.

RELATED STORIES
Companies Embrace, Fear Social Media
Cyber Threats Forecast for 2012
CFATS Reaches Stage Three
DHS: Standards Should Stymie Threats
Vast Divide over Security Perceptions, Reality

Despite heightened levels of concern, the overall prevalence of fraud decreased this year to 75 percent from 88 percent last year. Roughly one in four companies suffered from physical theft of cash, assets and inventory or information theft, down from record highs in 2010.

In contrast, management conflict of interest (21 percent), vendor, supplier or procurement fraud (20 percent) and internal financial fraud (19 percent) all saw notable increases. The incidence of corruption and bribery nearly doubled over the past year from 10 to 19 percent.

For the second straight year, fear of fraud is dissuading nearly half of companies surveyed from becoming more global. Forty six percent of respondents said fraud had dissuaded them from pursuing business opportunities in at least one foreign country. Corruption and bribery are the leading factors in that decision, cited by 62 percent. The biggest impact has been on emerging economies, with fraud deterring 15 percent of businesses from operating in Africa, 10 percent in China and 9 percent in India.

Other key findings include:

Economic cost of fraud: How expensive is fraud to companies? This year’s survey found on average fraud cost companies 2.1 percent of earnings in the past 12 months, which is equivalent to a week of revenues over the course of a year. Eighteen percent lost more than 4 percent of revenues to fraud in the year, while 53 companies, or one quarter of that group, lost more than 10 percent of revenues to fraud.

Fighting information theft poses new challenges: One of the major challenges faced by companies defending against information theft is the variety of data sought by attackers. While proprietary data is the most common target, customer and employee data are also targets for theft. The data category sought the most by fraudsters varies by industry, depending on the value of the data a company is likely to have. For technology, media and telecoms companies, the most common target category is proprietary data (cited by 36 percent of respondents), while for financial services companies it is customer information (29 percent).

Fraud largely remains an inside job: Last year’s survey found among companies suffering from an incident of fraud, junior employees and senior management were most likely the perpetrators at 22 percent each. This year, for junior employees that figure climbed to 28 percent and remained about the same for senior management (21 percent). A further 11 percent came from an intermediary or agent for the company, meaning this year, 60 percent of fraud was the result of someone who worked for the company in some way. However, for the companies that lost the most revenue from fraud, senior executives are more likely to be the perpetrators (29 percent) with junior employees involved in only 8 percent of the cases.



Leave a Reply

You must be logged in to post a comment.