Ignoring fraud training as the foundation of your cyber security strategy is like counting on Google to educate your kids. Technology is a critical tool in the fight, but without well educated users, guided by knowledgeable teachers, the tools are a waste of your money.
Thanks to President Obama’s state-of-the-union plug for increased cyber security, the Chinese hacking of the New York Times and Wall Street Journal, and the hacking of a prominent celebrities, America is waking up to the tangible value of virtual data. Awareness is definitely the first step, but it is only the tip of the privacy iceberg. Just as in the age before the internet, the only thing keeping employees from selling secrets or participating in fraudulent activity are the human controls that discourage the practice. But it’s all the more hair-raising to think of the amount of digital secrets an employee has access to at any given time. The new tale of a Reuters journalist gone cyber-rogue adds a chilling wrinkle to the perils of protecting the data that keeps corporate profits ticking.
Insider fraud struck again yesterday, this time resulting in charges being filed by the U.S. Securities and Exchange Commission (SEC).
According to the SEC, a former executive in the Stamford, Connecticut offices of a New York-based broker-dealer deceived clients when selling them mortgage-backed securities (MBS). He allegedly told them that his firm paid more for the MBS than it actually did, or made up a fictional seller and arranged supposed trades, when in reality he was selling out of his company’s own inventory at higher prices to bank a better profit.
In the SEC filing, the former exec was said to have swindled his clients and brought in nearly $3 million in additional profits. While the duplicitous activity went unnoticed for a time, his star rose within the company and so did his bonuses.
Is there a chance that someone could be stealing your most profitable business secrets? Competitive intelligence isn’t new, but it certainly has gotten easier with the introduction of ubiquitous high resolution cameras (smartphones), miniature storage devices that hold massive amounts of data (USB drives) and advanced tools of human manipulation (social networking).
Dyson, the British engineering firm behind the popular bagless vacuum cleaners and Airblade hand dryers, accused their German counterpart, Bosch, of planting a mole, or corporate spy, inside their headquarters for two years to steal vital research and development information. Bosch has denied any wrongdoing and refuses to return the technology or intellectual property. In an odd twist, Bosch hasn’t publicly denied planting an inside spy to siphon competitive intelligence from their rival.
In a world of highly competitive and rapid technological advancements, this sort of news brings to mind three crucial questions for businesses wanting to protect their intellectual property:
Every dollar counts, now more than ever, as the government searches for ways to wisely spend our money. It’s dismaying to learn that an audit report from the Treasury Inspector General for Tax Administration (TIGTA) has found that the impact of identity theft on tax administration is significantly greater than the amount the IRS detects and prevents. Even worse, the “IRS uses little of the data from identity theft cases…to detect and prevent future tax refund fraud” according to Mike Godfrey, Tax-News.
The IRS is detecting far fewer fake tax returns than are actually falsely filed. 938,700 were detected in 2011. On the other hand, TIGTA identified 1.5M additional undetected tax returns in 2011 with potentially fraudulent tax refunds totaling in excess of $5.2B.
The study predicted that the IRS stands to lose $21B in revenue over the next 5 years with new fraud controls, or $26B without the new controls.