Your biggest risk is from within your own company

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.dynamicbusiness.com.au/news/your-biggest-risk-is-from-within-your-own-company-12112013.html

A new study has found over half of all fraudulent acts committed against
companies are done so by an employee of that company.

The study from KPMG International revealed the profile of the average
fraudster to help organisations better protect themselves.

Gary Gill, national head of forensic at KPMG Australia, said that we’ve
entered a new era for fraud and illegal activities, as more people adopt
new technologies.

“Social media not only provides increased opportunities for collusion
between internal and external parties, but also allows hackers to mine and
use the increasing amounts of available online data in targeted cyber
attacks,” Gill said.

“Organisations must be as sophisticated in their cyber security as the
hackers are in their methods. Cyber security must be a top priority in all
risk management strategies.”

According to the report, almost three quarters of fraudsters are aged
between 36 and 55, and collusion occurs in 70 per cent of cases.

The most prevalent type of fraud is misappropriation of assets; 40 per cent
is embezzlement, while procurement fraud makes up 27 per cent.

The main reasons people commit fraud is because of some motivating factor
opportunity, and rationale. Over 35 per cent of perpetrators exhibited a
sense of superiority as rationale for their fraud, while over half the
cases studied were motivated by greed, financial gain, or financial
difficulty.

The report also found that executive directors committed 29 per cent of
frauds.

Mark Leishman, Asia Pacific investigations leader at KPMG, said corruption
was a common element in cases of collusion, and the increasing rates of
collusion between insiders and outsiders suggests bribery will become a
growing problem.

“In Australia, changing economic circumstances have caused many
organisations to adopt cost cutting measures, which often start with
back-office and middle management. These measures in turn have a real
impact on the effectiveness of companies’ internal controls, increasing the
opportunity for fraud,” Leishman said.

“In this environment, procurement fraud, misappropriation of cash, and
information theft are the most common threats.”

KPMG warned that organisations must understand the changing environment and
behaviour of the fraudster in order to mitigate the risk of fraud and
respond quickly if a crime occurs.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

# OWASP http://www.appsecusa.org
# Builders, Breakers and Defenders
# Time Square, NYC 20-21 Nov
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.