Article:

Cyber fraud and data breach protection: Challenges and best practices

30 July 2019

Gregory A. Garrett, Head of U.S. & International Cyber security, BDO USA LLP |
Leon Fouche , National Leader, Cyber Security |

Cyber fraud and data breaches are rampant and a growing concern globally. The number and level of sophistication of cyber attacks are increasing at an alarming rate. Nation-state and criminal cyber attack groups are often working together by deploying an ever-expanding array of social-engineered cyber attacks, including:

  • Spear phishing attacks
  • Business Email Compromise (BEC) attacks
  • Ransomware attacks
  • Distributed Denial of Services (DDoS) attacks
  • Trojan-horse malware attacks.

The impact to both the public and private sector is real and significant, creating huge financial, operational, and reputational risk factors for organisations worldwide. According to the U.S. Security Exchange Commission (SEC), the average cost of a cyber data breach is now $7.5 million (USD).

Our recent BDO and AusCERT Cyber Security Survey found that data loss and theft of confidential information rose by 78.68% between 2017 and 2018 alone. In addition, the average cost of cyber liability insurance coverage has increased by 30% or more each year for the past several years. With the tremendous growth of the Internet of Things (IoT), there has been a 600% increase in the number of cyber attacks on IoT devices in the past year, with many attacks focusing on medical devices.

The expanding use of the internet and software applications has dramatically increased the potential number of vulnerabilities within information systems, networks, software, and their respective endpoints. These vulnerabilities make these environments susceptible to potential fraudulent actions, such as identity theft, identity fraud, business email scams, and cyber data breaches.

Recent data breaches show that hackers increasingly target Personally Identifiable Information (PII). Our survey found that PII is stolen in half of all data breaches. Similarly, the survey showed that one in four data breaches impact identity documents (which can directly enable identity theft and fraud).

Payment Card Information (PCI) is considered high-value for hackers. Our survey has found that more than one in ten data breaches compromise PCI. Global trends show hackers are focusing more on Intellectual Property (IP) and Protected Health Information (PHI).

The growth of the cyber security marketplace

The cyber security marketplace has rapidly expanded to become a $100 billion annual industry, offering a wide range of cyber security hardware/products, software, and professional services. Today, there are an incredible number of companies offering one, if not all, of these, often claiming to have the solution to one or more cyber security needs. Unfortunately, no one product or service can provide a magic solution to this multi-faceted, ever evolving, and highly complex information security global set of challenges.

Cyber fraud and data protection – Top ten challenges

Based upon our experience with hundreds of companies worldwide across all industries, the following list outlines the most significant cyber fraud and data protection challenges faced by majority of organisations in the public and private sectors:

  1. Knowing what the best methods or tools are to identify, track, and maintain all data/information assets with appropriate information governance, data mapping, and cyber security
  2. How an organisation can verify identities and control information access in an efficient and cost effective manner
  3. Understanding what the best methods, tools, and techniques are to manage third-party/supply chain partners’ compliance with evolving cyber security and data privacy regulatory requirements in Australia and internationally
  4. The best method to effectively deliver timely cyber security and data privacy education and training
  5. Whether an organisation should invest in acquiring new information security hardware, software, and resources to enhance cyber security, or outsource to a proven Managed Security Services Provider (MSSP)
  6. Who the organisation should turn to for advice after a major cyber data breach occurs
  7. What actions an organisation should take to ensure they are compliant with all of the current regulatory requirements for their industry and geographic location, plus all customer contractual requirements
  8. Understanding the proactive actions an organisation can take to mitigate insider threats and fraud
  9. What the best approach is to ensure an organisation has developed an appropriate Business Continuity Plan
  10. How much cyber liability insurance coverage an organisation requires.

Threat-based cyber security approach – Top ten best practices

To successfully combat cyber fraud and mitigate costly cyber data breaches, we highly recommend a threat-based cyber security approach. This requires your organisation to:

  1. Hire an independent firm to conduct some or all of the cyber security Advanced Diagnostic Assessments, including:
    • Email cyber attack assessment
    • Network and endpoint cyber attack assessment
    • Vulnerability assessment
    • Penetration testing
    • Social engineering testing
    • Red-Team security assessment
    • Security software tools assessment
  2. Hire a dedicated Chief Information Security Officer (CISO) who reports to the CEO or General Counsel to develop a sound cyber security and data privacy risk management program tailored to the specific cyber threats facing your organisation
  3. Implement Advanced Software Encryption with Multi-Factor Authentication (MFA) including biometrics
  4. Provide timely and effective cyber security education and training programs for the entire organisation (including C-suite)
  5. Implement a timely and effective software security patch management program
  6. Ensure the organisation has developed and implemented an appropriate information governance program to map and track all data assets
  7. Verify and periodically test the organisation’s Incident Response Plan
  8. Develop and periodically test the organisation’s Business Continuity Plan and Disaster Recovery Plan
  9. Implement or outsource managed detection and response (MDR) of the organisation’s information system, network, endpoints, software applications, and email system – 24 x 7 x 365 using the most advanced machine learning/artificial intelligence applications
  10. Verify the organisation’s compliance with all cyber security and data privacy regulatory requirements via independent compliance/risk assessments by qualified firms.

Summary

The risk of a large scale fraud or a massive cyber data breach negatively impacting an organisation’s reputation and operation is ever increasing. All organisations need to understand the value of the information assets they possess, the cyber security and privacy related risk, while factoring the benefits of cyber security investments and risk variables into their respective business equation.

Once all of the aforementioned actions are taken, informed business decisions can be made by the organisation’s senior leadership to mitigate potential negative impacts of cyber fraud or a cyber data breach and the post breach consequences. Said simply, investing in an email cyber attack assessment, penetration testing, spear phishing campaign, and/or a vulnerability assessment before a data breach and then mitigating identified vulnerabilities to cyber attacks, could reduce your organisation’s cyber liability insurance costs and reduce the impact of a data breach, thus saving millions of dollars.

Our cyber security professionals have a diverse range of backgrounds, including IT, operations, data privacy, and forensic technology. If you would like to discuss your organisation’s cyber security risk profile, get in touch with a member of the BDO Cyber Security team.

Each year, BDO in Australia and BDO in New Zealand, in partnership with AusCERT, measure organisations' responses to the growing threat of cyber attacks. This annual survey identifies the current cyber security trends, issues and threats facing businesses across Australia and New Zealand. Participate in the next survey by subscribing to our Cyber Security Insights. You can view the 2018/2019 survey findings here.