TMCnet News
The stakes have never been higher(City A.M. (UK) Via Acquire Media NewsEdge) Cyber-crime is the prefect fraud for criminals in a digital economy where information is easily changed and monetised for personal gain. Fraudsters recognise businesses are relatively soft targets, especially from within. Weaknesses continue to be exploited and incidents go undetected. Fraudsters hide behind digital and country borders and their crimes are often victimless, making it easier to rationalise. Companies are fully dependent on technology. Whether the focus of a cyber attack is on data theft, unauthorised funds transfer, hiding losses or disrupting systems, the stakes have never been higher. Fraudsters actively target positions or individuals that have access to information systems they need to fulfil their gains. A recent study by Protiviti, a global business and risk consultancy firm, noted that cybersecurity is a top priority risk at board level for well-managed companies. However, boards need to better understand their cyber-risk exposure and establish a risk appetite that prioritises those they can accept and those to be avoided. Even with increasing investment, breach response rates are still too long and traditional cyber-risk management approaches are not working. Companies continue to play catch-up with tech-savvy fraudsters. While maturing technologies exist to help organisations respond to the threat, Protiviti's cyber-security study revealed that only 28 per cent of organisations have adopted them. Companies are still trying to get the basics right and cost is often a barrier. Companies have a journey ahead to understand the cyber-risks they face and how to better target their security investment. In the fight against fraud, to protect the crown jewels companies will need to accept a degree of inconvenience in areas that matter most. However, if they are honest about the risks they can live with and prioritise the risks they are not willing to accept, solutions can be implemented to minimise this inconvenience. Ryan Rubin is IT Security & Privacy Managing Director at Protiviti +44 20 7389 0436 [email protected] (c) 2014 City A.M. |