10 Ways To Fight Digital Theft & Fraud - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IT Leadership // CIO Insights & Innovation
09:06 AM
Doug Henschen
Doug Henschen
Connect Directly

10 Ways To Fight Digital Theft & Fraud

IBM touts holistic approach to cyber-security, counter-fraud, and compliance efforts. Bankers, security experts, and a former White House CIO offer proactive advice.
1 of 11

The best way to thwart digital theft and fraud is to use a holistic, connected approach that takes advantage of the latest technologies and applies advanced analytics to vast data sets. It's an approach IBM touted at a mid-March event in New York where it brought together more than 100 security, compliance, and risk-management professionals.

IBM promoted new software and services designed to support this approach. Experts, including a former White House CIO and executives from banks, insurance companies, security firms, and government agencies, offered tips and best practices for moving beyond security, fraud, compliance, and risk silos. The stakes are higher than ever, with increasingly sophisticated and global digital criminals now responsible for some $3.5 trillion in losses each year, according the Association of Certified Fraud Examiners.

The most important advice is to break out of departmental silos. It's not that you should consolidate separate departments that address, for example, cybersecurity, fraud, and anti-money-laundering compliance efforts. But these separate groups should collaborate, with shared data, measures, goals, and coordinated incentives.

"If you start sharing information and thinking through processes across that data, it will help you to bust out of those silos," said Theresa Payton, who served as White House CIO from 2006 to 2008. Payton cited two organizations that created working teams across physical security, cybersecurity, anti-money-laundering, fraud, and risk departments. Collaboration helped one of these organizations, a defense contractor, spot a shell company posing as a supplier. As a result, the firm avoided a $500,000 wire transfer tied to a falsified purchase order, according to Payton.

Once you can span silos and share data, the next step is to apply advanced analytics to spot crime. Last year Atlanta-based SunTrust Bank was able to work across departments, pool information, and apply big data analyses to foil a sophisticated deposit-fraud scheme.

"These fraudsters knew more about our bank than some of our own people knew about how we post money to accounts," said speaker Aaron Glover, a senior analyst at SunTrust. "We discovered that we could work better together by establishing protocols for information sharing across anti-money-laundering, corporate security, and the fraud unit."

The upshot was that SunTrust was able to pool a variety of data sets, develop deep analyses to uncover the fraud patterns, and institute procedural changes to thwart the fraudulent deposits. "As a result we were able to save $5.8 million within one year," Glover said.

The New York State Department of Taxation and Finance uses advanced analytics and case-management capabilities -- core components of the Counter Fraud Management Software that IBM introduced -- to thwart $350 million in fraudulent tax refunds per year. Internal auditors who recovered an average of $500,000 per auditor per year a few years ago are now recovering $2.5 million per year due to case-management workflow automation and analytics that flag suspicious returns, said Nonie Manion, the department's executive deputy commissioner.

Other steps experts suggest include identifying and prioritizing the assets you must protect, holding "doomsday" drills to determine how departments will handle an incident, reviewing security policies and procedures with all employees, and working with law-enforcement and security groups to get ahead of cybercrime and fraud schemes. Read on for practical tips and technology advice that your teams can put into practice.

Doug Henschen is Executive Editor of InformationWeek, where he covers the intersection of enterprise applications with information management, business intelligence, big data and analytics. He previously served as editor in chief of Intelligent Enterprise, editor in chief of ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
1 of 11
Comment  | 
Print  | 
More Insights
Threaded  |  Newest First  |  Oldest First
D. Henschen
D. Henschen,
User Rank: Author
3/25/2014 | 12:09:10 PM
Silo approach all too common
I met a few cybersecurity, fraud and anti-money laundering execs at this event and the general sentiment was that they talk to their colleagues in the other areas, but they don't really have formalized and structured sharing of data and collaboration backed by shared incentives, measures and goals? Is this feel-good rhetoric, readers, or have you seen some of the collaborative successes reported by speakers at this event (SunTrust, NYS Office of Medicade, Westfield Insurance, IBM, etc.)?
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Blockchain Gets Real Across Industries
Lisa Morgan, Freelance Writer,  7/22/2021
Seeking a Competitive Edge vs. Chasing Savings in the Cloud
Joao-Pierre S. Ruth, Senior Writer,  7/19/2021
How CIO Roles Will Change: The Future of Work
Jessica Davis, Senior Editor, Enterprise Apps,  7/1/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Monitoring Critical Cloud Workloads Report
In this report, our experts will discuss how to advance your ability to monitor critical workloads as they move about the various cloud platforms in your company.
Flash Poll