Oct 17 2019

Security and Anti-Fraud Teams Must Work Together in Financial Services

Just as IT and banking teams have grown closer, so must the professionals working to keep customers’ accounts safe.

Our world has never been more interconnected. In industrialized countries such as the United States and Canada, more than 90 percent of the population is online. As organizations and people become more linked, inevitably their finances follow them online as well. Trillions of dollars are moved each and every day by governments, global companies and individual users through a variety of digital means.

No doubt, the advent of technology has provided an unprecedented level of convenience, reliability and speed for the flow of money while also creating new and historic wealth. But as we recognize National Cybersecurity Awareness Month, we must also confront the unfortunate fact that technology has provided the same benefits for cybercriminals. 

Over the past few years alone, several major banks have been victimized by cybercrime, including the attempted $1 billion SWIFT system heist from the Bank of Bangladesh in February 2016 and an $11.5 million cash-out from Bank of India ATMs in 2018.

And those are just a couple of headline-grabbing events. There are millions of other digital frauds that aren’t publicized but still have a huge impact on businesses and their customers. The broad implications are staggering: The World Economic Forum’s 2018 Global Risk Report estimates that the cost of cybercrime to businesses over the next five years will reach $8 trillion.

Cybersecurity and Anti-Fraud Teams Must Work Better Together

Financial services companies employing a traditional approach in response to cyberfraud typically have their information security teams address the technical issues — such as understanding how the attacker was able to obtain information electronically and why security controls didn’t prevent the intrusion or theft — while fraud teams look closely at the customer, their accounts and how money can be retrieved. Rarely do the two teams work together, let alone talk to one another on a regular basis.

While this traditional approach may have been adequate in the past, there is now a better way.

Since the emergence of computer banking in the 1980s, the once-foreign concept of bankers and IT teams working seamlessly together has become the norm. A similar approach now needs to taken by cybersecurity teams and their anti-fraud counterparts. This fused security approach will provide a number of advantages to the financial community, such as:

  • An improved understanding of threat actors’ tactics, techniques and procedures that enable the creation of enhanced cyber- and fraud defenses.
  • The combination of what is normally siloed cyber and fraud data into one integrated data lake that can provide a more holistic, Big Data anomalous detection modeling capability.
  • Faster cyber and fraud response to attacks that are part of a campaign (such as ATM cash-outs), or that have a higher cash loss potential, through the utilization of integrated cyber-fraud response plans.
  • Greater organizational and fiscal efficiencies, as two teams become one.
  • Fewer attacks and fraud losses, as a lack of ROI drives hackers away from organizations that are using this new approach to cyberfraud.

MORE FROM BIZTECH: Learn which 3 cybersecurity threats organizations should be looking out for.

How a Fused Cybersecurity Model Works in Practice

Once this capability has matured, there are opportunities to build this integrated security model with physical security teams, anti-money-laundering groups, and external partners in both the public and private sectors.

For example, BMO Financial Group has begun to implement this fused approach with the establishment of its Financial Crimes Unit and Fusion Centre.

The Financial Crimes Unit integrates leading global security practices to protect the company, its customers and its partners. It’s designed to help ensure BMO is well protected from current and emerging cybersecurity, fraud and physical security threats by enabling the company to predict and prevent those threats, assess and deploy emerging security capabilities across business and technology strategies, and demonstrate leadership to enhance confidence in the company’s security competency.

Meanwhile, the Fusion Centre utilizes a central location with advanced capabilities for predicting and managing threats and events, while also embedding expertise from all banking groups and security-related functions. It also maintains strong links to the external environment.

While this new silo-breaking approach may seem radical, unnecessary and extreme to some, the threats of the 21st century call for it. The rewards for companies that are willing to take it on are certain to be significant.

alexsl/Getty Images