Improving Organizational Cyber Resilience Through Engagement - Finance Department
By Courtenay Brammar, Director of Risk Analytics and Insights, Cyber Security Case Studies
“Cyber resilience requires every employee to understand how they are uniquely responsible in both the prevention and detection of cyber attacks; this is no longer just IT’s problem. Part of this involves understanding how and why they may be targeted given their specific duties.”
Each week in the run-up to our webinar, we will share a department-specific insight to help risk managers frame their cyber risk conversations with other company departments.
A company’s finance department is often a high-value target for cyber attacks because it is the final authorisation step before money leaves the organisation and it is where sensitive non-public company information is aggregated and stored. Getting access to this information without detection provides attackers with an almost undetectable cyber crime opportunity. Often, funds have exited the company’s control by the time an attack on the finance department has been detected. It is worth noting that, unlike with the theft of customer data, the company has very little motivation to publicise a successful attack on its finance department. In the cases we’ve analysed, the weaknesses that tend to be exploited are around the remote nature of modern work: very little communication is done face-to-face or by telephone anymore, and employees tend to trust what arrives in their inbox. Couple this with the fact that it’s very easy to establish who works in a finance department and you get the sense that the issue is perhaps bigger than reported.
So what should risk managers be aware of to shore up their finance team’s defences?
Finance departments have long been an attractive target for old-fashioned wire fraud. These frauds have been made much more convincing of late by obtaining access to the CEO’s email account (or faking it) and peppering the content of the email with authentic titbits gleaned from a thorough study of relevant employees’ social media accounts. The FBI’s Internet Crime Complaint Center, or IC3, reported a 270% increase in this kind of attack since January 2015.
Individuals in the team have access to sensitive company financial data and projections, so they have foresight, before others, of information which could materially affect the company’s share price. Hackers who gain access to this through stolen credentials circumvent most companies’ endpoint security controls, which will not alert on the seemingly authorised activity, and all of this ‘normal’ activity will be buried in massive security logs. This concealment creates the perfect insider trading crime.
Want to Learn More? Join us for our Thought Leadership Webinar
Thursday, June 28, 2018
10:00-11:00 am EDT
Vladimir Antikarov, Principal, Verea Group LLC, Washington D.C.
Courtenay Brammar, Director of Risk Analytics and Insights, Cyber Security Case Studies, London
PRMIA Sustaining Members participate in thought leadership webinars for free.
Contributing members can attend for $35.00, and non-members are $75.00. If you aren't already a Sustaining member, join now to take advantage of this opportunity, in addition to numerous other benefits.