With the Olympic games still fresh in our memories, many of the athletes can look back at months, years and in some cases decades of preparation and training. Some of the lucky ones have been rewarded with medals. Every competitor had studied various strategies: What to do at every point in the competition, and how to react to every eventuality in order to increase the chance of winning.
They all practiced what in the military we called the 7Ps (Proper Planning and Preparation Prevents P*ss Poor Performance). This adage is true whether you are an Olympic athlete or, say, a professional fighting financial crime.
In our world, hardly an hour goes by without there being an article, a tweet, a blog or other commentary about data compromises at Target, Neiman Marcus, Korean firms or other enterprises. No event on its own should surprise us. I came across this great infographic that shows how pervasive this problem is.
More attacks will happen, more data will be compromised and we need to be prepared, not surprised. The best strategy is to ensure that the data collected by the criminals becomes useless to the fraudsters, or that their use is severely restricted, which will minimize the impact.
In the 1983 film War Games, NORAD used a fictional supercomputer called WOPR (War Operation Plan Response — I think the name gave away the fictional part!) to continuously run nuclear war simulations and intelligently predict the outcome. Real computers are probably hard at work doing the same thing today for the military in many countries.
FICO advocates that fraud departments execute their own “Fraud War Games.” Run the drill and find out: Are you prepared? Do you have the right countermeasures? What are your response plans? How would you react if another, larger breach happened tomorrow? Do you have the capabilities to take a data-driven approach?
You don’t need a WOPR of a supercomputer. FICO advisors have been working with clients to:
- Automate and accurately identify links between frauds
- Identify a compromise before any real damage can be done
- Define customized treatments based on risk severity
- Develop response plans
- Create comprehensive threat and vulnerability programs
If you need assistance in planning your own war games, give us a call.
Thanks to Adam Davies, who runs the fraud consultancy team of Fair Isaac Advisors, for this post.