Don’t Be Afraid To Play Ball With Today’s Hackers

They’re known as hackers, fraudsters, cheats, criminals, pirates, delinquents, crooks, and now…baseball players? One of our recent speakers in the webinar, A Smarter Approach to Counter Fraud, compared these hackers to MLB all-stars. Legend Ty Cobb holds the greatest career batting average ever with .366. That means he didn’t even hit the ball two-thirds of his at-bats – and hackers don’t need to be any more effective than that, either. They’re motivated to infiltrate your system no matter how many tries it takes.

But all it takes is one breach for a hacker to succeed, your organization to have been breached, and the public’s trust to disappear.

Chris Dorobek on the DorobekINSIDER program hosted a panel discussion with the following:

  • Nonie Manion, Director of Tax Audits at New York State Department of Tax & Finance
  • Jonathan Turner, Senior Director with Global Compliance Investigations at Wright Medical Technology
  • Ed Rounds, IBM Program Manager of Fraud, Waste and Abuse.

View the Webinar here

Ed Rounds stressed the need for an adaptable approach since fraudsters methods change so frequently. “The more data you can capture means the larger the observation space, which leads to better analytics, which leads to less breaches.”

Jonathan Turner discussed taking a holistic approach in catching the anonymous hackers. In order to stop them we “must use a range of different tools in order to recognize patterns. You can’t focus on one particular solution.”

Nonie Manion warned that similar tax collecting agencies must maintain positive public relations and keep pace with the changing times. “Our mantra used to be just to ‘collect revenue’ and today it’s to ‘efficiently collect the revenue with proficiency and integrity’.”

The three discussed how hackers are able to access internal data more easily than one might think.

“Criminal networks target organizations to learn their limits,” said Rounds. “Some gain access as employees to learn about thresholds and work with an external organization to monitor your own employees with the same analytics. They analyze what they use online and compare it too peers. Some fraudsters are better at studying data than the government.”

Manion has employed innovative tactics to combat internal worries. It’s a fine line between monitoring valuable data and invading employee privacy rights, but with so much information accessible it would be naïve not to keep track of it. Her branch has designed “selfie” accounts where management can observe mirror screens of employees to look for suspicious activity.

The panel also agreed on the multitude of reasons why companies should become more focused on countering fraud.

Rounds emphasized how the cost is more significant than just waste in spending. “Fraud is connected with terrorist activity. With $100 billion in improper payments at the federal level, we are all affected.”

The public is sometimes primed to think an event will occur if it’s made salient in the media even it’s not always accurately portrayed. “To truly access risk we need to measure the likelihood of fraud taking place, then the financial impact, and then other insularly impacts of fraud. Companies aren’t honest with number because they feel they can’t do anything about it,” said Rounds.

Paralysis from analysis is often an organization’s worst enemy. Turner echoed how everyone should begin their counter fraud program now regardless of their resources. “Take anti fraud steps and build with what you have. You don’t need a perfect system, just a better one than you have today. Don’t feel like your budget won’t get you to world-class today. Look at what you can do today. 10 years ago, no one saw today’s creature [of cybersecurity].”

“The biggest challenge is overcoming self defeat. The sense of denial on the front end can be toxic,” said Turner.

In a world where hackers will stop at nothing to create fraud, your best gameplan is creating a defense, perfect or not.

Leave a Comment

Leave a comment

Leave a Reply