While a report prepared by the Risk and Infrastructure Science Center indicates that severe weather — like Hurricanes Harvey and Maria — lead the pack when it comes to causes of power outages in the U.S., Mother Nature is not without rivals. Power grids can go down for a number of reasons beyond natural disasters. They often use aging equipment, are prone to human error and can just malfunction. However, energy hackers are starting to play more of a role in blackouts.Read More
Perhaps the most encouraging and notable piece of RSA’s most recent quarterly report comes in the form of an overall decrease in cyberfraud. The total amount of cyberfraud attacks observed from January 1, 2018 to March 31, 2018, represented a decrease not only from the previous quarter (16.2%) but also from the same quarter of 2017 (8.6%).Read More
In less than a month’s time, the biggest global extravaganza will kick off in Russia. Thirty-two national teams will fight for the top spot in the 2018 Football World Cup. FIFA estimates that more than $5.7 billion in revenue will be generated from the showpiece event, and that more than a million tourists are expected to travel to Russia. This event will indeed be a good time for more than 3.2 billion fans worldwide, but it will also be a potentially lucrative time for fraudsters.Read More
In today’s world, it’s not uncommon to see headlines about a new instance of fraud many times a week. Whether it’s a new phishing scam targeting seniors or the arrest of a low-level employee embezzling small amounts from a local government office, most fraud-related issues are interesting to the public regardless of their profession. Since anti-fraud professionals are on the front line of fraud prevention and investigation, it’s also predictable that family and friends may turn to you for clarification of these fraud-related stories.Read More
Kelly Todd, CFE
Managing member and member in charge of forensic investigations at Forensic Strategic Solutions
A quick glance at the barrage of headline news related to cyberattacks, the perpetual explosion of electronically stored information and the ease with which data can be moved and shared makes one thing obvious: a new frontier has emerged for businesses. In this dynamic electronic age, the scope of risk for businesses is growing — in size and complexity — at such a rate that traditional risk management measures are simply not enough. While the “new frontier” has the potential to leave unsuspecting businesses exposed to a host of new risks, it is also creating a host of opportunities for those of us fighting fraud.
Threat: The Trusted Employee
Frauds committed through the use of a computer and its network is one of the fastest growing threats for businesses. According to Ernst & Young’s 2016 Global Forensic Data Analytics Survey, nine out of nine industries rate the threat of a cyberbreach as a their top risk. While the latest news focuses on hackers and cybercriminals, there is an equally dangerous, but perhaps less obvious, threat to corporate assets. While trusted employees are moving, sharing and exposing corporate data just to do their jobs, the malicious employee or contractor with authorized access may be deliberately taking confidential information for personal gain or other nefarious reasons. Whether internal or external, the threat posed by these cybercriminals is real. Threats include the disruption of operations, the wrongful transfer of funds and the theft of intellectual property, confidential information or other critical assets.
Tools to Respond: Data Analytics
The dynamic nature of technology threats requires a proactive response. While external auditors and C-suite executives have long been reluctant to embrace advanced data analytics as a proactive tool — or even as a reactive tool — to ferret out fraud, the tide seems to be turning with the increased threat that cybercrime poses.
Advanced data analytics provide the ability to collect and analyze data, both structured (think transactional data) and unstructured (email, voicemail, internet logs, text messages, social media, blogs or free text fields in a database), to prevent, detect, monitor and investigate potentially improper transactions, events or patterns of behavior related to misconduct, fraud or noncompliance issues.
As fraud examiners, we know a picture says a thousand words — and nothing tells a story better than data. The use of data visualization tools is on the rise for business intelligence, as well as detecting patterns and relationships indicative of fraud. With the explosion of electronic data, data visualization allows for communicating key aspects of complex and voluminous data in a more intuitive way. Effective visualization — which is both an art and a science — combined with advanced data analytics helps users identify patterns and relationships.
With the increased acceptance of advanced data analytics — not to mention emerging technologies, such as blockchain (a topic that goes well beyond the scope of this blog) — dramatic opportunities abound for fraud examiners.
Valuable skills for the new frontier include:
- The technical skills to understand the information systems and how to collect relevant and reliable data.
- An expertise in data analytics to relate data from disparate systems, design queries, recognize patterns, interpret and report on results.
- Institutional knowledge or investigative skills to understand the relevant risks and controls, and to collaborate in the interpretation of results in the context of the associated risks.
As risks continue to grow in the industry, staying up-to-date with the latest tools and resources will be critical. As we look to spread knowledge during International Fraud Awareness Week, it’s also crucial that as fraud professionals we commit ourselves to continuing our education. The biggest fraud risks are the ones we are not yet aware of, but with the right tools and expertise we can be better prepared to respond.