Staying One Step Ahead of Cyber Criminals
The pandemic jettisoned digital activity as we ordered groceries for curbside pick-up, stayed connected to loved ones via social media, and conducted work remotely from our homes. With the rise in digital activity, there’s also been a corresponding rise in digital fraud. According to the RSM Middle Market Business Index (MMBI)—a regular report that measures business health and outlook—in the first quarter of 2021, 28 percent of middle market C-suite executives said that their companies experienced a data breach in the last year, up from 18 percent in 2020 and continuing to rise steadily.
Since the start of the pandemic, middle market companies across a broader range of sectors have experienced increased fraud threats than ever before, says Melissa Harp, risk consulting principal at RSM Minneapolis. In fact, RSM found that 98 percent of cyber insurance claims in 2020 came from small to medium enterprises, including those in health care, manufacturing, professional services, and retail. The MMBI also identified an uptick in the volume of debit and credit card theft and mobile device fraud, showing that small companies, consumers, and community members have also become more frequent victims of fraud.
Staying ahead of the threat is challenging, Harp says, –but there are a growing number of actions, tools, and technologies that can help:
Understand your fraud profile.
Revisit your fraud risk assessment to account for the increased trends in risk around third-party vendors and cyber fraud. Most public-filing organizations are already required to complete fraud risk assessments, but smaller organizations should also incorporate a fraud risk assessment into their annual planning and risk assessment activities. Simply identifying areas of fraud risk can ensure that a company has internal controls and safeguards in place to help reduce its vulnerability.
Revisit some of the strategic decisions accelerated by the pandemic.
To satisfy immediate needs at the start of the pandemic, many companies rapidly expedited the onboarding of new third-party vendors or the implementation of new systems or technologies without following their full vetting processes. It’s not too late to go back and identify which vendors, systems, and technologies were rushed through approvals. Harp recommends performing post-diligence assessments now.
“Since the start of the pandemic, middle market companies across a broader range of sectors have experienced increased fraud threats than ever before.” Melissa Harp, risk consulting principal at RSM Minneapolis.
Utilize a cloud-based technology strategy.
According to the MMBI, 40 percent of midsize companies leverage a cloud-based technology strategy to benefit from the monitoring and agility offered by cloud service providers. With the potential for fraud on the rise, Harp recommends engaging a third party for security-as-a-service so that it can continually monitor and proactively identify potential cyber threats.
Invest in fraud training for your employees.
Many instances of fraud are actually detected and reported by employees themselves. By updating and enhancing employees’ understanding of fraud risk, they can be the canaries in the coal mine or your company. Maintain confidential hotlines and reporting mechanisms so employees can notify and alert oversight committees and/or leadership to any anomalies they encounter. Many software vendors provide online fraud modules that are cost-effective means to educate your employee base.
Ensure you have appropriate fraud and cyber insurance coverage.
Make sure you’ve got appropriate fraud and cyber coverage for your business. General liability coverage typically does not include cyber liability in the event of a data breach which compromises sensitive customer data. You should contract for cyber liability insurance to defray costs of customer notification, incident discovery, and recovery should a cyber event occur.
Consider adding analytics software.
If you have a high volume of digital transactions, consider employing an analytics software to help detect fraud and analyze anomalous transactions. Your IT security function can suggest analytics tools appropriate for your data environment.
To learn more about how your organization can stay ahead of the digital fraud curve, sign up to receive timely insights from RSM’s experts at https://response.rsmus.com/RSMpreferencecenter.