"A valuable source of structured thinking for risk professionals throughout the financial sector. It enables risk teams to keep up to date with the latest analysis across all risk types and encourages cooperation and debate."
An intelligence led approach to addressing cyber fraud: Proactive fraud auditing
Click the button below to download the full text of the article.
Abstract: It is estimated the global cost of cybercrime will grow to US$2 trillion by 2019. With more than six billion connected devices comprising the Internet of Things, the attack surface is growing for cyber fraud, one of the many types of cybercrimes. As more companies digitise the way they conduct business more data than ever is available to be stolen and monetised. At the same time, adoption of the internet continues to rapidly increase globally, adding more users for hackers to target. There has also been a sharp increase in the availability and advancement of cyber-attack tools online, such as the sale of zero day vulnerabilities, the discovery of which more than doubled in 2015. Such explosive growth in cyber criminal activity demands a new approach to defending against it or companies may be faced with the difficult decision to go out of business if suffering a cyber attack that can cause bankruptcy, either through theft of funds, destruction of data or irreparable damage to reputation. Traditional network defense approaches have been one dimensional, relying on technology as the gate keeper, however the adversary today is not only advanced and persistent but highly adaptable, constantly learning how to overcome defensive measures. As a result organisations must also adapt, using an intelligence led approach to prepare for and defend against such attacks instead of constantly reacting to them.
Keywords: cyber, fraud, intelligence, proactive, auditing
Elizabeth Petrie is the Director of Strategic Intelligence and Planning for Information Security, serving also as the Chief of Staff to Chief Information Security Officer of Citi. Prior to Citi she was the head of Cyber Intelligence for the Federal Bureau of Investigation (FBI) where she oversaw production of threat analysis for senior policymakers. Her career at the FBI also included authoring intelligence assessments on financial crime trends affecting global financial institutions. Elizabeth has over 20 years of experience as an intelligence analyst and holds a Master’s in Technology Management from Georgetown University as well as a Master’s in Criminal Justice from George Washington University.
Casey Evans is an Executive-in-Residence in the Accounting and Taxation Department at Kogod School of Business in the American University in Washington DC, where she teaches undergraduate and graduate accounting courses. Casey also has extensive industry experience handling a range of forensic accounting issues including fraud investigations, Securities and Exchange Commission and Department of Justice enforcement actions, financial reporting and disclosure issues, technical accounting issues and internal control reviews. She also regularly speaks to professional organisations and government entities on various forensic accounting topics. Casey is a Certified PublicAccountant and a Certified Fraud Examiner.