The sophistication and volume of cyber attacks had led to a severe increase of corporate fraud. In fact, it has led to an all-time high of corporate fraud impacting organisations across the world.
Levels of corporate fraud have climbed since 2012, but 86% of companies around the world reported that they had experienced at least one cyber incident in 2017.
This revelation, albeit unsurprising, comes from Kroll’s annual global fraud and risk survey. It found that information theft has overtaken the theft of physical assets for the first time on record.
The survey found that just under 30% of companies confirmed they had suffered information theft, loss or attack in 2017 – making it the most common type of organisational loss.
Information-related risks were highlighted as the biggest concern among executives who participated in the survey. And as the General Data Protection Regulation approaches, the issue of cyber security should be a top priority for boardrooms.
More than half of those surveyed said that their companies were “highly or somewhat vulnerable” to information theft, which represents a rise of six percentage points on last year.
In a year dominated by cyber attack and cyber vulnerability headlines, the Equifax data breach has served as the most poignant for business leaders.
The US credit-reporting company is facing criminal and regulatory investigations after cyber attack led to the a data leak of 143 million US customers’ information.
“People instinctively think about data being targeted by cyber attacks, but not all threats to information are confined to the digital realm,” said Jason Smolanoff, senior managing director at Kroll.
>See also: Symbol executives charged over $200m fraud
“There is a convergence between physical and digital threats, with issues arising from equipment with sensitive data being stolen or lost, for example, or employees with access to highly sensitive information accidentally or intentionally causing a breach.”
No one is safe
Rob Norris VP head of Enterprise and Cyber Security EMEIA at Fujitsu suggests that following the cyber attack trend in 2017, no one is safe.
“While there is a heightened awareness of the issue – a fifth of the UK public think cybercrime and hacking are the biggest challenges facing the UK today, businesses still seem underprepared. Indeed, today 4-in-5 organisations still say that a lack of skills is the biggest threat to their cyber security.”
“Cyber criminals are becoming increasingly bold, finding new and creative ways to dupe people into revealing compromising sensitive financial and personal data. This means that “unusual behaviour” is getting harder to detect and might not seem unusual at all.”
“And with employees on the front line of this battle, more must be done to improve user awareness and training. Upskilling employees and making them more cyber aware is one of the most cost effective ways of reducing the probability and impact of human error.”
“But it won’t work as a standalone policy. Organisations need to continue to invest in technical and security controls. What’s more, businesses should be doing more to proactively search for the threats themselves instead of waiting for breaches to happen.”
“In today’s world, cybercrime is inevitable. How businesses plan for it, however, is what can make the difference on the long-term impact.”