According to PWC's Economic Crime Survey for 2016, more than 1 in 3 organisations surveyed have experienced economic crime in the last 2 years. The categories of economic crime are quite varied and include the illegal manipulation of money/property. Asset manipulation was the most prevalent economic crime reported by Irish businesses taking part in the global survey, followed closely by cybercrime and then accounting fraud.
In an age of disruptive technology, cybercrime in particular is a growing risk your organisation cannot ignore. Aside from the financial implications of a breach, the reputational damage can be huge. According to the survey, the retail and financial services industries are the most likely to be hit.
In assessing whether your organisation would withstand a cyber attack, you should consider a layered approach:
- educate staff and customers on the risks and how to identify a breach;
- develop internal policies and procedures to account for the risks;
- Preventative measures:
- update your security software;
- encrypt and password protect employee work stations;
- consider where and when your employees and customers would be at risk from an attack - is data accessible from un-secure locations on un-secure devices?
- Website Protection:
- implement a unique log in system to external portals where client data is held or accessible;
- use a two factor identification process to minimise the chances of a data breach;
- prepare for and consider the consequences of a security exploit such as a phishing attack, trojans, viruses or a keylogger attack on your business;
- back up your systems;
- ensure your systems can be shut down efficiently and effectively as part of your disaster recovery plan;
- Data Analytics and Back Office Monitoring:
- analyse customer activity;
- consider how you would be notified if a breach actually occurred;
- carry out regular internal and external security audits;
- focus on cybercrime prevention and data protection from the top down; and
- update management on security audits and perceived cybercrime risks. The prevention and reporting mentality is less likely to be seen at lower levels in the organisational structure unless management take the lead.
"Cybercrime continues to escalate in a hyper-connected business ecosystem – jumping to 2nd most reported economic crime". Remember that economic crime has a knock on effect on areas such as business relationships, brand strength, customer confidence and equally employee morale.
Moreover, the frequency of cyber attacks against Irish businesses has risen from 25 per cent in 2012 to 44 per cent currently, a rate that is considerably higher than the global average of 32 per cent.