Cybersecurity and Anti-Fraud Teams Must Work Better Together
Financial services companies employing a traditional approach in response to cyberfraud typically have their information security teams address the technical issues — such as understanding how the attacker was able to obtain information electronically and why security controls didn’t prevent the intrusion or theft — while fraud teams look closely at the customer, their accounts and how money can be retrieved. Rarely do the two teams work together, let alone talk to one another on a regular basis.
While this traditional approach may have been adequate in the past, there is now a better way.
Since the emergence of computer banking in the 1980s, the once-foreign concept of bankers and IT teams working seamlessly together has become the norm. A similar approach now needs to taken by cybersecurity teams and their anti-fraud counterparts. This fused security approach will provide a number of advantages to the financial community, such as:
- An improved understanding of threat actors’ tactics, techniques and procedures that enable the creation of enhanced cyber- and fraud defenses.
- The combination of what is normally siloed cyber and fraud data into one integrated data lake that can provide a more holistic, Big Data anomalous detection modeling capability.
- Faster cyber and fraud response to attacks that are part of a campaign (such as ATM cash-outs), or that have a higher cash loss potential, through the utilization of integrated cyber-fraud response plans.
- Greater organizational and fiscal efficiencies, as two teams become one.
- Fewer attacks and fraud losses, as a lack of ROI drives hackers away from organizations that are using this new approach to cyberfraud.
How a Fused Cybersecurity Model Works in Practice
Once this capability has matured, there are opportunities to build this integrated security model with physical security teams, anti-money-laundering groups, and external partners in both the public and private sectors.
For example, BMO Financial Group has begun to implement this fused approach with the establishment of its Financial Crimes Unit and Fusion Centre.
The Financial Crimes Unit integrates leading global security practices to protect the company, its customers and its partners. It’s designed to help ensure BMO is well protected from current and emerging cybersecurity, fraud and physical security threats by enabling the company to predict and prevent those threats, assess and deploy emerging security capabilities across business and technology strategies, and demonstrate leadership to enhance confidence in the company’s security competency.
Meanwhile, the Fusion Centre utilizes a central location with advanced capabilities for predicting and managing threats and events, while also embedding expertise from all banking groups and security-related functions. It also maintains strong links to the external environment.
While this new silo-breaking approach may seem radical, unnecessary and extreme to some, the threats of the 21st century call for it. The rewards for companies that are willing to take it on are certain to be significant.