

global fraud

By Thomas Duffy of vci

In a true sign of the times, companies participating in this year’s Global Fraud Survey reported that information theft is now the most common form of fraud. With 27% of companies reporting incidents within the past year, the theft of information surpassed the theft of physical property for the first time in the four-year history of the Survey. Some industry sectors were particularly hard hit, foremost among them financial services (42%, up from 23% the previous year), professional services (40%, up from 23%), and Technology, Media and Telecoms (37%, up from 15%). And while companies clearly recognize the increasing severity of the problem, to some extent they feel unprepared to deal with it: 77% of respondents believe that their companies are vulnerable to information theft.
Given the financial, legal, and reputational risks that go hand-in-hand with a data breach, failing to prepare for one is to court disaster. When an incident occurs, there is no time to learn on the fly, so having a response plan already in place is critical. While there is no such thing as a one-size-fits-all response plan, the best plans tend to share common elements. In particular, they are designed to accomplish five key goals:
1. Provide the proper resources for early detection
Too often, the first indication that an incident has occurred is a call from a victim complaining that an account has been looted or, worse yet, a reporter writing a story on a breach. A solid plan should contain a strategy for detecting potential problems at the earliest possible stage by integrating technology (e.g. intrusion detection and prevention systems, log analysis, anomaly analysis) with a robust training regime to ensure that key personnel understand what to look for and what to do when they suspect that something is wrong.
2. Determine if the breach event is still happening and then “stop the bleeding”
Too many companies concentrate immediately on the process of notifying victims before they know all the facts. A good response plan should include a clear process for determining – with forensic accuracy – what did and did not happen and whether any of it is still occurring. Many malicious software attacks have, as part of their structure, elements designed to keep the malware in place long after the initial intrusion. This can lead to automated re-infections weeks or even months after a system is thought to be cleansed and the subsequent compromise of additional data. Absent the certainty that sensitive information is no longer being compromised, it is impossible to mount an effective response.
3. Determine the scope of the breach
In the event of a breach, the extent to which data has been compromised is not always readily apparent. In some instances, the situation is far less serious than suspected. For example, reverse engineering of malicious software can sometimes reveal that the malware did not actually work – i.e., an intrusion without data loss. In other cases, analysis of the criteria by which a malicious software program selects records to target can show that, because fewer records meet those criteria, the loss was much smaller than originally feared. On the other hand, sometimes the loss is more extensive than initial appearances might suggest. Either way, it is vital for companies to discern the universe of compromised information with enough accuracy – and evidence – to justify their subsequent course of action.
4. Determine who is responsible for the breach and attempt to recover lost data
The loss of information sometimes stems from the loss or theft of a physical object – e.g., a laptop computer, USB drive, or disc – often due to the carelessness or misconduct of an employee. In circumstances like this, a good response plan will provide a process and the resources to conduct a solid fact-finding investigation into the circumstances of the loss. A prompt and robust investigation can often lead to the identification of the person or persons responsible for the loss, which can, in turn, result in a more detailed understanding of the extent to which the data has been disseminated. In some instances, the lost information can even be recovered, reducing or eliminating the need for notification.
5. Determine and comply with legal obligations
In the United States, the regulatory regime for data breach is extremely confusing, with different requirements for different industries and different states. With the exception of the Health Information Technology for Economic and Clinical Health Act (HITECH), which contains breach notification mandates for entities covered under the Health Insurance Portability and Accountability Act (HIPAA), there is no overarching federal law governing breach notification. Instead, there is a patchwork of laws from 46 states and two territories. These laws present varying and sometimes contradictory requirements regarding the entities to be notified and the information that can and cannot be included in the notification letters. A good plan will provide the professional resources necessary to clearly determine the nature and extent of the company’s legal obligations and develop a viable strategy for complying with them.
Without question, a well-crafted response plan can go a long way toward mitigating the damage that flows from a data breach. Better yet is to take proactive steps to prevent incidents from occurring in the first place. Some recommended steps are described below:
Data Mapping – It is critical for companies to understand where and in what form their sensitive data is stored. An awareness of where that data resides and how it is transferred, both internally and externally, can serve as the foundation for sound policies and procedures that significantly mitigate the risk of a breach.
Vulnerability Testing – Regular testing to identify vulnerabilities that a hacker or dishonest insider might exploit is also vital. There are excellent tools to do this, although many organizations elect to engage specialists who have a depth of experience in responding to incidents and extensive knowledge of the latest threats.
Use Encryption – Many of the statutes relating to data breach provide for exceptions when the data in question was encrypted. Because of this, the use of encryption, particularly for data in a form frequently associated with data loss incidents – e.g., data stored on portable devices and back-up or archival data stored on tapes – should be considered a best practice. Many application programs also permit data to be encrypted while residing in a database, another practice that provides protection with little added risk.
Policy Review – In a world of rapidly evolving threats, changing legal requirements, and new outsourcing technologies like cloud computing, it is imperative to review policies at least annually.
Given the current trends, there is every reason to expect next year’s survey to show an even higher prevalence of information theft. With some smart advance planning, there is every hope that companies will be better prepared.


--
Venture Capital Int, Thomas Duffy,
Managing Director
Office 860-350-4440
Cell: 203.775.9999
Fax: 203.648.4942
Skype ID VCI.LLC
http://www.venturecapital-advisors.com


Contributed by tduffy on November 30, 2010, at 11:53 PM UTC.


Comments


Great intel Thomas. Thanks for sharing this valuable info.

Gina

prican02 Dec 1, 2010 03:40
Thank you for sharing this well researched and well written intel, Thomas.
It appears that the more information people put on their electronics, the greater their chances of their being involved in a fraud.
Our younger generation has an even greater danger, as they are so loose with their personal information.
Keep up the good work.
Best wishes.
Frederick

frederick Dec 1, 2010 09:13
paragraphs. I might have read this but...

Guy Mclaren Dec 1, 2010 11:23
Fraud, sabotage, and deceit - it seems as if companies seeking to keep up with modern technology cannot win.

Thank you for the well-written and interesting intel.
Laraine

Laraine Jan 31, 2011 23:01


Copyright Notice

The copyright for this content entitled "global fraud" has been specified by the contributor as:

All Rights Reserved

This content may not be copied, distributed or adapted by anyone under any circumstances.

