Cybercrime - No One Is Immune
by AccountingWEB on
By AccountingWEB Staff
Senior managers need to take cybercrime more seriously. According to PricewaterhouseCoopers' (PwC) economic crime report, Cybercrime: Protecting Against the Growing Threat, businesses face serious threats from cybercriminals, from both within and outside their organizations.
The PwC report calls cybercrime one of the top four economic crimes – just after asset misappropriation, accounting fraud, and bribery/corruption – and it warns that cybercrime doesn’t get the attention it deserves. Instead of looking at cybersecurity from all angles, organizations have pigeonholed it as an IT problem.
These crimes aren't limited to big companies. While no industry is immune, communications and insurance companies top the list. The PwC survey says that "54 percent of the respondents who experienced economic crime were from organizations with more than 1,000 employees. But crimes committed against small and medium-sized organizations are on the rise as well, suggesting that fraudsters are now targeting these organizations more often."
CEOs should clearly define responsibilities for cybercrime, keep up-to-date on the latest developments in the field, and make sure their companies are constantly tracking risks and quickly handling problems as they arise. These and other conclusions were reported after nearly 4,000 people from seventy-eight countries were surveyed.
Highlights of the survey include:
- Sixty percent of respondents said their organization doesn’t monitor the use of social media sites.
- Two in five respondents had no cybersecurity training.
- Thirty-four percent of respondents experienced economic crime in the last twelve months, up from 30 percent reported in 2009. Half of those respondents perceive the risk of cybercrime to be on the rise.
- Almost one in ten who reported fraud suffered losses of more than $5 million.
- Fifty-six percent of respondents said the most serious fraud was an "inside job."
- Suspicious transaction monitoring has emerged as the most effective fraud detection method (up from 5 percent in 2009 to 18 percent in 2011).
"Although they are aware of the risks, companies are doing little about it and continue to be reactive rather than proactive in fighting cybercrime," the survey said. It also stated that more than half of respondents don't have, or aren't aware of having, access to forensic technology investigators, in-house capability to investigate cybercrime, and a media and public relations plan. Forty percent said they don’t have the in-house capability to prevent and detect cybercrime.
The survey found that the typical profile of an internal cybercrime fraudster is a junior employee or middle manager (cited by 84 percent), under the age of forty (65 percent), and employed by the organization for less than five years (51 percent).
So what actions should an organization take to defend against cybercrime? Here’s what the experts said in the report:
- Get the CEO involved – the CEO and the board of directors need to be aware of the risks and opportunities of the cyberworld.
- Look at how prepared an organization is for cybercrime – unlike traditional economic crime, cybercrime is fast-paced and new risks emerge all the time, which means an organization needs to adapt its procedures continually to reflect these.
- Be aware of the current and emerging cyberenvironment (situational awareness) – only then can an organization make well-informed decisions and do the right things at the right times.
- Set up a cyberincident response team that can act and adapt quickly – an organization can then track, assess risk, and deal with an incident as soon as it's spotted.
- Recruit people with the relevant skills and experience – they can pass this knowledge on to everyone else, helping to create a "cyberaware" organization that can protect itself better.
- Take a tougher and clearer stance on cybercrime – an organization should demonstrate it means business by taking legal action against cybercriminals and announcing what it's doing about threats and incidents.
Read the entire report, Cybercrime: Protecting Against the Growing Threat, to learn more.
You may like these other stories...
On the path to building a successful practice, sometime we get caught up the urgency of the moment, forgetting to take the time for extended thought. Reflecting on what I've learned in observance since I began in my...
A version of this article originally appeared at Practice Development Counsel. Many professions and industries struggle with inter-generational challenges. The advertising industry is just one of those industries...
By Phyllis Weiss Haserot, President, Practice Development Counsel This post originally appeared at Practice Development Counsel. Reflection is something I do a lot of – I have for many years quite...
Upcoming CPE Webinars
Hand off work to others with finesse and success. Kristen Rampe, CPA will share how to ensure delegated work is properly handled from start to finish in this content-rich one hour webinar.
FRF for SMEs Series--Statement of Cash Flows, Subsequent Events, Related Party Issues, Accounting for Investments including Consolidations, Part 4A
This webcast will cover the preparation of the statement of cash flows and focus on accounting and disclosure policies for other important issues described below.
We can’t deny a great divide exists between the expectations and workplace needs of Baby Boomers and Millennials. To create thriving organizational performance, we need to shift the way in which we groom future leaders.
In this presentation Excel expert David Ringstrom, CPA revisits the Excel feature you should be using, but probably aren't. The Table feature offers the ability to both boost the integrity of your spreadsheets, but reduce maintenance as well.