Dan Dunford (North America) - The Impact of Fraudulent Behavior: Internal v External

Financial losses from the recent data hacks on banks and online services are being revealed bit by bit. For example, last month Citigroup disclosed that its credit card customers suffered losses of around $2.7 million from their account details being stolen.

While the loss is serious it actually only applied to 1% of the cards affected by the breach. This, and the fact that this represents 0.01% of all Citigroup credit cards puts the financial damage done by the external hackers into perspective, especially against the estimated scale of financial losses from insider fraud and theft.

When it comes to internal fraud, the ACFE report on occupational fraud and abuse estimates a typical organization loses five% of annual revenue to fraud committed by people inside the organization. This translates to a potential total global fraud loss for all organizations of more than $2.9 trillion in 2009.

This difference has been pointed out before, but it is worth repeating as organizations urgently need to review their data protection strategies. Protection from internal threats is key especially given the reputational damage that can be caused. Real financial losses do arise but the greater losses arise from how online services have had to be taken offline to protect customers. Losses from external frauds are harder to quantify and when revealed their scale can be relatively low.

Protection from internal threats by monitoring for internal fraudsstems serious losses that may be systemic and longstanding. Typically fraudulent acts can run for 18 months and add up to around $160,000 on average. What's more the opportunity for recovering losses is potentially substantial because currently occupational frauds are more likely to be detected by a tip off, according to the ACFE.

Through applying comprehensive anti-fraud controls internally, alongside implementing stronger data protection controls against external threats, organizations can manage these risks holistically with greater assurance and less likelihood of suffering serious financial losses.

By Dan Dunford, Security Product Specialist, Attachmate


« Jonathan Wright (Global) - Is the Internet Diverse Enough?


Margaret Dawson (Global) - IT and Business Benefits of Cloud-Based Integration, Part I »

Recommended for You

Trump hits partial pause on Huawei ban, but 5G concerns persist

Phil Muncaster reports on China and beyond

FinancialForce profits from PSA investment

Martin Veitch's inside track on today’s tech trends

Future-proofing the Middle East

Keri Allan looks at the latest trends and technologies


Do you think your smartphone is making you a workaholic?