Cyberinsurance is the fastest-growing insurance product in America as Yahoo and other breaches drive surge in corporate hacking insurance. The scale of fraud at Yahoo is astounding: in 2013 one billion accounts were hacked. No wonder The Wall Street Journal has just published an article on the “The Right Way to Answer Security Questions and More Online Safety Advice”, see.
Fraud occurs in many different areas of any business and their supply chains, there is no single solution. A holistic approach to fraud is vital, see, so that all aspects of fraud are managed. Individual solutions for a type of fraud need to be integrated with the overall approach. Each new package or system needs to be become part of this holistic approach.
Protecting your B2B web portal
The recently launched Guardian Analytics Sentinel™ uses behavioral analytics and machine learning to sniff out fraudulent activity. It is, Sentinel claim, the industry’s first and the most advanced behavioral analytics and machine learning solution to detect fraudulent activity, in real-time for B2B web portals.
The software is designed for companies’ supplier portals, which they use to submit invoices and maintain their contact and bank account information.
Guardian Analytics Sentinel™
Source & Copyright©2016 - Guardian Analytics
The Guardian Analytics monitors, analyses and calculates a real-time risk score for every online portal interaction and automatically quarantines high-risk transactions such as wire, ACH or foreign exchange transfers while expediting the process for low-risk transactions.
The behavioural based software picks up evidence of malware or an unauthorized location or device, e.g. transaction coming in from Russia when the customer normally comes in from Chicago. The use of behavioral analytics and machine learning technology makes for a speedier system and avoids the false positives that can be thrown up by rules-based software.
Guardian’s Sentinel could also be used with companies' treasury management systems or ERPs
What to do when you have been hacked
First, don’t do what Yahoo did: not tell anyone for years.
However, they are not alone in delaying telling anyone: “Companies are getting hacked more frequently but aren’t disclosing the incidents in their regulatory filings, a trend that worries investors.” writes Tatyana Shumsky in The Wall Street Journal. Shumsky continues, “To use the SEC’s yardstick—whether a data breach is material—company executives have to exercise judgment, seeking to strike a delicate balance.” (As to whom to tell and when.)
It is a particularly delicate balance when to tell shareholders, “Frequent disclosure of insignificant cyber incidents could overwhelm investors and harm a company’s stock price, said Eric Cernak, cyber practice leader at the U.S. division of German insurer Munich Re.” However, it is generally agreed that Target, who had a data breach involving tens of millions of customers, left it too long before publically admitting the scale of their breach. (For more details see Shumshy’s excellent article, here.)
CTMfile take: A holistic approach to fraud and cyberfraud, in particular, is essential. Telling shareholders and the market when you have been hacked is a delicate balance. But, not telling is a mistake and can have serious impact on your reputation.
Fraud prevention report: use holistic approach & machine learning + beware DarkNet
Fraud prevention is a combination of processes and systems. Each company has to develop their own strategy for minimising fraud
Cyber fraud prevention - the vital questions for your board
UK’s NCA Strategic Cyber Industry Group concluded: “Perfect security is almost impossible”, so your board better have appropriate answers to these questions or are you already in big trouble?
‘How customizing your fraud prevention can increase your bottom line’
Kount and Blue Snap show how tight fraud control can enable merchants to grow revenue without worry and at same time cut costs