When a company’s own employees illegitimately access and mishandle confidential data, the damage can be immense and irreparable. Even so, most companies do not have a dedicated fraud manager on staff. What’s more, defense mechanisms against insider attacks are usually limited to the old-fashioned approach of controlling physical access to data—and so are prone to fail.
Given this conventional wisdom, Attachmate conducted a survey in late 2012 to learn how new technology trends in social media, cloud computing, mobility, and BYOD (Bring Your Own Device) might be impacting data privacy. Four hundred and fifty-two participants from a range of European organisations—including a large number of financial institutions and technology companies—responded to a 34-question online survey.
This paper reviews the key outcomes of the survey, including the challenges brought on by these trends and how IT is responding.
Companies Wake Up to Challenges of Insider Fraud
Participants were asked how seriously their company and others in their industry viewed the risk of insider fraud. Questions included, “To what extent is your sensitive corporate data at risk?” and “How is your company addressing the risk of data fraud, especially in light of technical innovations such as BYOD?”
Key findings include the following points:
- 44 percent of those surveyed viewed the risk of fraud in their industry as high or very high.
- 75.5 percent regarded the transfer of sensitive data in their industry as one of the most serious threats.
- 72 percent of corporations do not have a dedicated fraud manager in place to address fraudulent behavior.
- 95 percent thought that new technologies such as mobility or BYOD increase the risk of fraud in their companies.
These findings reveal that companies are more aware of the risk of insider fraud than they were in 2011, when our first Enterprise Fraud Management (EFM) survey was conducted. (Insider fraud no longer ranks near the bottom of the list of potential security issues.) In fact, 44 percent responded that the risk of internal security threats in their industry is high or very high.
More than 75 percent of participants regarded the transfer of sensitive data as the gravest threat to their industry, followed by financial fraud (39 percent) and sabotage (29 percent). Thirty-two percent regarded the current threat level to be high or very high and an additional 37 percent viewed it as moderate.
Yet despite these apparent risk factors, and the perception on the part of 95 percent of respondents that new technologies and trends are very risky, most companies do not take sufficient measures to prevent insider fraud. Seventy-two percent did not have a dedicated fraud manager in place.
When asked, however, if their companies had a dedicated fraud management budget, 32 percent said, “Yes,” or that a budget will be allocated in early 2013. In some companies, fraud management is a subset of the security (29 percent) or risk management budget (24 percent). Fifteen percent of those surveyed stated that their company does not have a budget for fraud management.
EFM Technology
Are the respondents’ own companies deploying fraud management technology? Thirty-seven percent of participants replied positively. Twenty-two percent indicated that their company has assigned a fraud manager to address internal offenses (72 percent of the companies are addressing this issue by other means). Nineteen percent are planning to implement fraud management solutions, with 7 percent moving forward in the next six months and 44 percent not yet having made any decisions regarding fraud management technology.
What are companies looking for in a fraud management solution? According to the survey, desired functionality includes:
- Real-time user behavior analysis.
- Correlation of multiple user protocols (logs).
- Incident reporting.
- Analysis of registered or historic user activities and correlation with various user protocols (logs) to determine the source of the fraudulent behavior.
- Risk assessment of aggregated activity data.
- Visual risk analysis to detect suspicious behavior.
- Risk management.
- Auditing.
- Identity and access management.
How Attachmate Luminet Can Help You Fight Insider Fraud
Why do you need EFM software? Because trusted employees commit more fraud and compliance violations than anyone else. Attachmate Luminet software can help protect against security threats by letting companies:
- See user activity—across multiple platforms, in real time.
Luminet captures a real-time, over-the-shoulder view of user activity on all applications. It lets you define adaptable business rules that pinpoint suspicious behavior. And it generates real-time alerts related to questionable activity, so you can immediately zero in on anomalies.
- Record user activity—and play it back on demand.
Luminet records user activity in real time and stores it in a secure, digitally signed repository. You can conduct powerful full-text searches through current or recorded activity, retracing every screen and keystroke using a visual playback feature.
- Analyze user activity—and take informed action.
Luminet’s interactive tools detect the cross-channel patterns and trends of users across diverse departments and applications. Armed with this information, you can quickly connect the dots between activities and relationships.
Ultimately, Luminet gives you a comprehensive picture of who did what, and when—providing the intelligence you need to take informed action.
Apparently, countries differ in their approach to fraud management. In Europe as a whole, 53 percent of the companies use regular audits as their main fraud management approach. In France, only 15 percent use audits; in Germany/Austria/Switzerland that number jumps to approximately 60 percent, and in the Benelux countries and the UK it is 73 percent each. The most common area of focus across all countries is identity and access management (just under 66 percent), while the least common is risk management (46 percent).
Where Compliance Fits In
Participants were also asked about their approach toward compliance. Thirty-three percent cited “Prevention by Implementing Guidelines” (Best Practices) and 16 percent indicated “Measures or Sanctions.” But most companies (51 percent) are employing a mixed approach. Regarding the question, “In your opinion, should compliance and fraud management be combined?” 73 percent of the survey participants replied, “Yes.” Eighty percent regard data protection as important or very important.
The Consumerization of IT
The vast majority (95 percent) of those surveyed assume that IT consumerization, in the form of new social media, cloud computing, mobile, and BYOD technologies, will increase the risk of fraud.
According to the survey participants, security issues are caused by a higher risk of data leaks—either due to fraudulent intent (37 percent) or security leaks in the system (61 percent).
More Action Needed
Companies are more aware of the risks of insider fraud than they were two years ago. They are also expecting the risk to grow with the deployment of new technologies. Most of those surveyed feared that social media, cloud computing, mobile devices, and BYOD will increase the risk of fraudulent activities, largely because companies do not know who is accessing their data.
To address the risk, some companies have already assigned specific fraud managers; others are planning to do so in the near future. In general, however, there is a wide discrepancy between the recognized potential risks and the implementation of defense strategies. Unfortunately, many companies will learn the hard way that insider threat detection is not a luxury but a necessity. The good news is that new technologies for combating insider fraud do exist, and they are effective.
Luminet: The Insight You Need
Luminet sees, records, and analyzes user activity across all applications. It gives you a complete and accurate picture of who did what, and when—providing the intelligence you need to take informed action.