All posts by Sarah Rutherford

Fraud & Security Why Do Hackers Commit Cyber-Attacks?

Dick Dastardly
Mar062017

Cyber-attacks are hitting the headlines on a daily basis and a lot of effort goes into both preventing them and dealing with the consequences when they have happened. Understanding the motivation behind attacks can help organisations understand more about the risks they face so that they can tackle them. So why do cyber-attacks happen? 1. For financial gain This is the most likely reason an organization get attacked. Criminals are looking to gain financially in three main ways: Data breaches to feed identity theft. Third-party fraud is fuelled by identity theft, and breached data gives criminals the information they need to take over someone’s identity. In the UK the CIFAS Fraud Scape 2016 highlighted a 49% growth in identity theft over the previous year. Criminal gangs are well-organised and operate on a commercial basis – there is a supply chain, those that steal data are unlikely to be the same criminals... [Read More]

Leave a comment

Fraud & Security The 4 Questions to Ask When Choosing a Cybersecurity Score

Cybersecurity posture score dial
Feb272017

Cybersecurity scoring is similar in many respects to scoring for credit risk. Credit scores are widely used to underwrite loans large and small, and are trusted by both lenders and regulators as reliable, quantitative tools for assessing risk at both the loan level as well as the portfolio level. They enable lenders to price for risk, and have served not only to expand the availability of credit to consumers of all stripes, but also add valuable elasticity to the economy. As with credit scores, the best cybersecurity scoring solutions use empirically derived predictive analytics to profile business systems and the environment they operate in – including inferred behavioral and policy indicators – to derive a score. These scores can tell you how likely your organization is to suffer from a data breach – they provide a forward-looking assessment of an organization’s overall cybersecurity posture. Cybersecurity scoring is a relatively new... [Read More]

Leave a comment

Fraud & Security Two Ways to Gain from Measuring Your Cybersecurity Posture

Cybersecurity posture score dial
Feb072017

Fighting cybercrime is often associated with preventing loss rather than generating a tangible benefit for your organization. However, understanding cybersecurity isn’t only about tackling the negative. If you understand your organization’s cybersecurity posture, you can not only prevent loss but also benefit in at least two ways: 1. Working with customers, partners and prospects. Customers worry about the cybersecurity risk you as a vendor could introduce to them. Tackling this issue can lead to lengthy questionnaires as part of their procurement process. However, with a good understanding of your cybersecurity posture, you have much of what is needed to provide the answers quickly and easily and in a way that is easy to understand. When you can demonstrate good practice and benchmark your cybersecurity posture with your competitors, you gain a competitive advantage. 2. Getting cyber insurance. Cyber-readiness is increasingly a necessity for organizations, but for insurance underwriters, evaluating an organization’s cybersecurity... [Read More]

Leave a comment

Fraud & Security How to Avoid the Risk in AML De-Risking

Risk with slash through it
Jan262017

The 4th Anti-Money-Laundering Directive (4th AMLD) is being enacted in the UK and this has increased regulatory pressure when it comes to tackling money laundering. Falling foul of the regulator has serious repercussions, including large fines, in the tens of millions of pounds for some offenders, loss of reputation and increased regulatory scrutiny. Given the high stakes, it is perhaps not surprising that organizations have looked to off-load any business where they consider there is a possibility that money laundering could happen. This has sometimes led to the closing of accounts or the refusal to open new accounts for groups of customers. Known as de-risking, this may seem an intuitive answer to managing the risk of money laundering, but it is not without its own complexities and risks. The Financial Conduct Authority (FCA) wants to ensure that if banks and other regulated financial organisations do de-risk, it’s in a manner... [Read More]

Leave a comment