There is no doubt the advancements in technology has completely changed the way society works. From personal information to digital finance, everything is online and interconnected to provide a level of speed and convenience that would have been a delusional dream a few decades ago. An innumerable amount of money and data is being transferred via one digital means or the other every day around the globe and this raises a lot of cybersecurity concerns.
Organizations have come to terms with the fact that cybercriminals have also taken advantage of these advancements in technology. The World Economic Forum’s 2018 Global Risk Report estimates that the cost of cybercrime to businesses over the next 5 years will reach $8 Trillion.
These numbers only reinforce the need for newer and more aggressive fraud prevention models, utilizing every resource available to combat these looming threats as cybercriminals are getting smarter and better equipped.
Traditionally, Anti-fraud and cybersecurity activities and operations are kept completely separate because organizations thought it more convenient to keep these teams solely involved issues around their areas of expertise. This “siloed” system only really allows collaboration during emergencies which in most cases, might be a little too late.
It might be time to consider a fused security approach by merging the efforts of the cybersecurity team with their anti-fraud colleagues next door.
“Why do I need to align these two teams when they work fine on their own?”
You might be thinking, “It’s easier to keep these teams independent of each other and only share information when necessary” because integrating into a joint security fusion centre might seem too complicated but it actually allows you take all that individual data and integrate it into one giant data pool of collective information.
This collective information then allows teams to branch out and improve their understanding of threat actors’ tactics, techniques and procedures that’ll enhance your cyber and fraud defences.
After all, improving security and cybercrime prevention isn’t just about building strong defences. Today’s threat landscape requires more than prevention, it requires better detection, Proactive and preemptive measures guided by an improved understanding of threats, and accurate diagnostics information in the event of an incident.
Actionable intelligence is needed for businesses to take these proactive and preemptive actions to identify and mitigate the effects of any incident. Actionable intelligence refers to information about the types of data being stolen, attack methodologies, what malware is being used, how an attack hides or evades detection inside network traffic and how an attack communicates back to its controller.
However, this useful data can be lost in a sea of threat intelligence alerts and false positives. It has to through a sophisticated data analytics process to filter out false positives and generate real-time data about actual threats that allow companies to understand attacks and determine the best course of action to take.
Most organizations have the data they need to level the playing field against cybercrime in bits and pieces, making them work together has been the prevailing issue. Take the time to identify the commonalities between your fraud and cybersecurity teams to help you build a strong foundation.
Create a strategy that includes a shared indicator of compromise for both teams, response workflow, analytics and data sets to enable newly integrated teams to work as a single cohesive ecosystem.
Most importantly, FIND A CHAMPION. A senior leader who can manage this integration and make it a priority. Someone like John Aligbe / Head, E-Crime and Card Investigations / Stanbic IBTC who is an experienced cybersecurity, digital payment risk management and digital forensics strategist with demonstrated value-added services in the telecommunication and financial services industry.
John Aligbe will be speaking on the prospects of Aligning Security and Fraud Management Strategies at the African Cybersecurity and Fraud Prevention Forum that holds in Lagos, Nigeria from May 6-7, 2020