Over the last couple of months there have been several developments and announcements on fraud prevention, including:
- fraud keeps increasing: IBM Managed Security Services found that the total number of breaches reported since 2012 has decreased more than 50 percent. However, the number of retail records lost has increased exponentially. And in 2014 61 million records were stolen last year, down from 73 million in 2013. But, if you exclude the 2013 Target breach and the 2014 Home Depot breach, cybercriminals actually stole 43 percent more retail data last year than in 2013.
- In USA there is a new fraud prevention framework - COSO 2013 - which is now current. It consists of 17 principles to help companies defend against internal fraud and financial misstatements. US companies must prepare documentation to show their progress to external auditors and investors, see.
- Kofax® Limited have launched their SignDoc® family of e-signature solutions which enable businesses and government agencies large and small to implement e-signature capabilities into virtually any business process across their entire organization for internal or external use, see.
- Even the Internet Corporation for Assigned Names and Numbers (ICANN) fell victim to a phishing attack. Apparently hackers gained administrative access to some of the organisation's systems. Attackers sent phishing e-mails disguised as internal ICANN communications to staff members, and were successful in capturing the e-mail credentials of several employees which were then used to compromise other systems.
- Lessons from Sony hack: 1) hackers can destroy your data, not just copy it, 2) by the time a breach has been discovered, hackers have usually been in your system for months, 3) all companies should look at the NIST (National Institute of Standards and Technology’s (NIST) cybersecurity framework) framework and adopt the practices that are applicable to them.
- MasterCard predict the death of static passwords with 3DS 2.0: MasterCard says a forthcoming wholesale upgrade of the 3DSecure protocol for authenticating online transactions will pave the way for the introduction of more secure biometric and token-based prompts and the ultimate eradication of static passwords.
- ‘The Worst is Yet to Come’ according to the ex-NSA Chief on Cybercrime and other experts who are predicting a cyber-event that is both disruptive and destructive like the disruptive and destructive attacks that hit energy company Saudi Aramco in 2012, see.
CTMfile take: Cybersecurity is a major concern for all companies and their corporate treasury departments. If there is a cybersecurity event in your company, How would it affect corporate treasury?
Like this item? Get our Weekly Update newsletter. Subscribe today