Posts Tagged :

Fraud Protection

Guest Blog, Tom Lysemose Hansen: Raising cybersecurity awareness in a mobile world

840 520 Jack Wynn

Promon founder and CTO Tom Lysemose Hansen, who has extensive experience in IT security and risk analysis and founded the company more than 10 years ago, analyses how companies tackle the growing threat of cyber-attacks, from the pros and cons of raising awareness among their customers, to the in-house cybersecurity talent shortage…

Mobile phones have become indispensable elements of our daily lives, from booking an Uber to checking the bank account, from online shopping to storing addresses and names. It even goes beyond that: with the steady rise of the Internet of Things (IoT), smartphones can now unlock your front door or start your car’s engine. While many laud the convenience and simplicity of modern mobile technology, cybercriminals are waiting for mobile users to make one single mistake to compromise their personal data.

Because mobile phones are an everyday item, human error, when it comes to safe usage, is unavoidable. Let your guard down for one second, and an innocent-looking email turns out to be a phishing one; one wrong click, and malware is up and running on your device. But it gets worse. They say identifying the problem is the first step towards solving it. The problem is that, according to a recent study by Promon, an overwhelming 89 per cent of users wouldn’t know if their smartphone has been infected. This leaves potential for an enormous amount of data to be exposed to hacking attacks.

Educating users about the threats of cybersecurity and how to protect their own data is one solution. But beyond individual users there are SMEs, multinational corporations, and banks, all of whom are storing and handling sensitive data. Should companies rely on the best judgement of their customers and employees when it comes to protecting enterprise apps? Users’ lack of awareness of the risks can lead to a disaster, not only at a personal level, but also for businesses across every sector.

Consumers need to be better educated about the threat of cyberattacks, that much is clear. But the ultimate responsibility lies within companies holding the know-how, financial support and immense decision-making power. The same study conducted by Promon shows that 43 per cent of users rely on passwords as the most popular security measure. This comes after numerous data breaches involving high-profile companies, such as Dropbox, Last.FM, Netflix and Yahoo. Clearly, businesses can no longer rely on the password and those who use them.

Despite repeated calls by industry experts, the problem is amplified by a shortage of cybersecurity professionals, as a consequence of insufficient education and lack of support from governments. It leaves organisations vulnerable, and while in-house talent shortage presents a challenge across every industry sector, companies need to take their fate in their own hands to ensure all employees are trained accordingly.

UK businesses are not the only ones fighting to gain their customers’ trust and keep their data safe, with US officials announcing that cyber attacks have quadrupled since last year and are increasingly targeting businesses, and companies in Australia and New Zealand being targeted by a ransomware campaign. The scale of the problem is a global one, and our response needs to be equally wide-ranging.

Another study conducted across as many as eight countries, including the UK, shows that four out of five respondents believe there is a shortage of cyber security skills, and 71% feel that this leads, subsequently, to direct and measurable damage.

The pressure that companies are under to tackle security threats is undeniable, but there is certainly cause for optimism. A growing awareness of cybersecurity among young people, topped up with alternative, hands-on leaning methods widely available on the market – such as Raspberry Pi – mean there are computer science enthusiasts than ever before, and it is the employers’ responsibility to guide and train these people, or at least loosen up entry requirements for jobs in cybersecurity.

Alternative, non-traditional options of training should be accepted for entry-level jobs; cybersecurity skills are not always gained through formal higher education and companies need to take a dynamic approach towards protecting their data and safeguarding their online presence. Mobile cybersecurity is still a relatively new discipline compared to traditional cybersecurity, so dynamism in building skills is even more important here.

It is important that businesses exploit the full potential of the cybersecurity environment. Companies need to act quickly to overcome the skills shortage, while governments need to implement long-term plans to make cybersecurity awareness the norm for all. This is no simple task, but tapping into the talent businesses already have at their disposal is a good place to start.

Crime law firm urges organisations ramp up fraud protection strategies…

800 512 Jack Wynn

The founder of award-winning crime law firm, Rahman Ravelli, has branded the recent high-profile arrests of nine individuals – including two police officers – as ‘embarrassing’ for the police force as it demonstrates that internal fraud can happen almost anywhere.

As it’s revealed that all nine have been released on bail until this coming January, the arrests, which were made by anti-corruption detectives, included a 32-year-old detective constable attached to Met Intelligence, who is suspected of money laundering, fraud by false representation, perverting the course of justice and offences under the Computer Misuse Act; as well as a 22-year-old police constable attached to Redbridge Borough under suspicion of fraud by false representation.

Mr Rahman commented that these arrests should act as a wake-up call for all companies to step-up their fraud protection strategies: “The incident is embarrassing for the Metropolitan Police as, after all, it is their job to be preventing crime and enforcing the law. To have two of its own officers arrested in an anti-corruption operation certainly does not look good.”

He continued: “But issues such as fraud and money laundering can be problems in any large company or organisation, whether it is the police, a financial institution such as a bank, charities, shops or other businesses.”

In addition, Mr Rahman also said that it’s crucial for company managers, directors and CEOs to instill robust practices and policies in place to prevent this kind of wrongdoing: “It is vitally important that those at the top of the organisation put time, effort and resources into identifying the ways that business crime such as fraud and money laundering could be committed by their staff or third parties,” Rahman said.

“Only by identifying the potential for such problems can organisations hope to tackle it. Once they have assessed the potential for crime they can devise and introduce working procedures that can prevent it happening in the future. Such an exercise is especially important at present as the government is considering proposals to prosecute those at the top of organisations if their employees are found to have committed fraud or money laundering.’’

Find out more about Rahman Ravelli here