Tag Archives: Cybersecurity

Fraud & Security How Are Telecom Providers Managing Cybersecurity Risk?

Man with laptop
Jul182017

Data breaches are in the news on an almost daily basis and telecom companies are not immune to attack – indeed, cyber-attacks have led to the loss of almost 50 million customer records in the past 10 years. For telecom businesses it’s not only the frequency and number of records that are breached that is of concern, it’s also the type of data that can be lost. Telecom companies are guardians of a rich set of customer data, including financial information. They also hold a valuable set of behavioural data about their customers based on how they use their services. This rich data set is a honey pot for cybercriminals – particularly those using data to fuel identity theft. We included telecommunications providers in the cybersecurity survey carried out on our behalf by independent research company Ovum. What did we find? A full assessment of our findings for the Telco industry... [Read More]

Leave a comment

Fraud & Security Cybersecurity – Who Is The Biggest Internal Risk?

Man with laptop
Jul062017

When it comes to cybersecurity, crooks need a way into our businesses and often someone gives it to them – mostly unintentionally. An understanding of who the unwitting accomplices are will help IT security to protect the organization. In a recent survey conducted for us by research company Ovum, we asked senior security executives which employees or third parties posed the highest cybersecurity risk to their firm. Although 77% of respondents said that their employees have sufficient information on how they can contribute to prevent breaches, internal staff were still perceived to present the biggest threat to cybersecurity. Interestingly, most respondents saw the highest risk as coming from their internal IT function – they highlighted their own departments as the weak link. While most do think they have educated employees well, we had many comments regarding the need for further education programmes. The need to secure employees devices, particularly in... [Read More]

Leave a comment

Fraud & Security Cybersecurity Insurance – 3 Reasons Businesses Aren’t Buying

Cybersecurity risk score scale
Jun262017

We recently commissioned a study from independent research company Ovum on how organizations are tackling cybersecurity and what they plan to do next. Losses because of a data breach or other cyberattack can be severe, particularly when factors such as customer and shareholder confidence are taken into account. We therefore expected that cyber risk insurance would be an increasingly important way in which organizations are mitigating their risk. The results were far from uniform: The UK was the most insured country we surveyed, with 69% of respondents holding some kind of insurance, and the USA was the least insured – only 51% of US respondents had any kind of cyber risk insurance. Across the industries surveyed, financial services firms were the most likely to be insured (71%), and healthcare the least likely (26 percent). Even when businesses have invested in cyber risk insurance, it’s unlikely to cover them for all... [Read More]

Leave a comment

Fraud & Security 6 Principles for Cyber Risk Scores — and Why We Need Them

Cybersecurity risk score scale
Jun202017

The use of scores that rate a firm’s cybersecurity risk — such as the FICO® Enterprise Security Score — is picking up momentum. In an effort to ensure that these scores consistently add value, and to ensure that they help rather than harm businesses, a group of firms recently convened to develop industry standards for cybersecurity ratings. FICO joined this group, along with several Fortune 500 companies and a number of the country’s biggest banks, and I am proud of the principles we developed. By creating these principles, we sought to: Promote quality and accuracy in the production of security ratings Promote fairness in reporting Inject best-practice decision management governance standards into a new domain Include a coordinated process for adjudicating errors or inaccuracies in reported content Establish guidelines for appropriate use and disclosure of the scores and ratings Why were principles needed? One reason is that there is a... [Read More]

Leave a comment

Fraud & Security Cybersecurity – Is a Lack of Good Benchmarks Misleading Execs?

Jun142017

A recent survey carried out on our behalf by research company Ovum found that 48% of organizations think that in a year’s time, an assessment of their cybersecurity will show improvement. Only 3% think that their cybersecurity position will have worsened. Most companies also think they are doing well compared to their competitors; a mere 6% think their cybersecurity is below average and 54% think they’re above average or a top performer. This is statistically unlikely. It seems that many are taking an optimistic view of their cybersecurity. Could a lack of objective measurement be to blame? Here’s what our survey participants said: It is encouraging to see that 94% carry out some form of assessment. However, consideration must be given as to how objective the methods used are. 38% of respondents say they self-assess based on their own criteria, this is the largest and possibly the most worrying category.... [Read More]

Leave a comment

Fraud & Security Are the C Suite Complacent About Cybersecurity?

Notification of Tweet Chat
May302017

Given the significant consequences that face board members in breached organizations, you might expect that they are giving cybersecurity their full attention – but are they? Our recent survey with research and consulting firm Ovum sheds a revealing light on this.  Do they think the problem will go away? No one is expecting cyber-attacks and breach attempts to stop, and only 1% of respondents think that levels of attack will go down in the coming year, while 62% expect the rates of attack to increase. This reflects recent experience in their own organizations, 60% have experienced an increase in attempted data breaches in the past year, 24% of those polled have seen attempts increase in volume by more than 25%. Verdict: Not complacent – they recognize that cyber threat is on the increase. Are they investing enough to fight cybercrime? Although 62% of organizations expect cybercrime attack rates to go... [Read More]

Leave a comment

Fraud & Security Are You in the Half of Firms with No Tested Data Breach Plan?

May232017

Last week alone, a New York hospital, a US car washing business and a UK online retailer all suffered headline-making data breaches. There is no fool-proof cybersecurity defence, so businesses of all sizes need to consider not only how they can prevent breaches but also determine what they will do should the worst happen. Additional losses are heaped on companies that fail to manage the fallout from a breach well. Poor customer communication, disastrous PR and a slow or ineffective response all damage reputation, lose customers and worry shareholders. Despite this, a new, independent cybersecurity survey we commissioned with independent research and consultancy firm Ovum shows that only 51% of companies surveyed have a tested data breach response plan. Looking across the six countries we surveyed, it’s clear that some are doing better than others, though none had excellent coverage on this question. The Norwegians are top of the class... [Read More]

Leave a comment

Fraud & Security 10 Ways We Make the Cybersecurity Executive Order Actionable

White House logo
May222017

The President’s May 11 executive order Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure seems to have been met with broad support.  While a few have been critical that it was not bold enough, most reviewers seem to be endorsing the main message, both for what it does (initiating broad self-assessments by agencies), and for what it does not do (consolidate all accountability in the DoD). The broad strokes: This order endorses, mandates, and accelerates the adoption of existing frameworks as well as ongoing risk assessment and mitigation, but it does not set the game clock back by forcing the creation of new frameworks or imposing stifling centralization. Full disclosure: I’m accountable for growing the cybersecurity business line at FICO. That said, in reading the text of the order, I was struck by the broad alignment of its goals and directives with the goals, use cases, and specific capabilities... [Read More]

Leave a comment

Fraud & Security What Do the C-Suite Think About Cybersecurity?

May032017

Cybercrime against businesses and other organizations is undoubtedly a hot topic, with regular news headlines and cautionary tales of those who have been breached. We wanted to understand the changing views from the C-suite about cybercrime, what they have been doing to tackle it and what they plan to do next. To find the answers we engaged research analysts Ovum to carry out an independent research project for us across 6 countries – and the answers are on the way! We want you to join the conversation so we’ll be releasing key statistics from the research in a Tweet Chat on 1st June at 4pm BST / 8 am PDT – please tweet along #cybertrends and join us to find out: The types of organization that are looking to invest in cybersecurity in the coming year. The industries that have been experiencing the biggest increase in attacks. The country where only 41% of... [Read More]

Leave a comment

Fraud & Security Behavioral Analytics Attack Fraud, Cyber and Financial Crime

Hand holding analytics
Apr122017

Economies of scale is one of my favorite economic principles. It’s especially cool to see how FICO customers can realize associated benefits by using our behavioral analytic technology. IDC predicts that in 2017, behavioral analytics across compliance, fraud, and cyber detection and prevention will be in place at 15% of banks, helping them to avoid losses, regulatory fines and sanctions. Banks have already made a big start in the fraud space. FICO introduced behavioral analytics in the early 1990s and we currently analyze two-thirds of the world’s payment card transactions, in real time, for fraud. Now, FICO’s proven behavioral analytics can be applied by forward-thinking institutions to fight a wide range of financial crimes. In doing so, banks can gain powerful technology economies of scale, too, leveraging mature, market-proven analytic models to benefit new domains within their business. How do behavioral analytics work?   A quick search may tell you that... [Read More]

Leave a comment