editor’s question
W?
MICHAEL
REITBLAT,
CEO, FORTER
ith a new breach
occurring every
day, consumers
feel vulnerable
and expect
merchants to
protect their data.
Account security could be the difference
between a lifelong customer and a onetime
buyer, with compromised data from
these breaches being used to commit
fraudulent activity.
It is imperative for merchants to keep
both company and consumer data safe.
Most retailers have a dedicated security
team responsible for the safekeeping
of vulnerable data. However, security
engineers and risk teams are not the
only ones to come into contact with this
data. Regardless of the organisation’s
size, many employees, stakeholders
and third-parties come into contact with
company and consumer data in the
course of its management.
The biggest cybersecurity risk for many
businesses revolves around human
factors and employee behaviours.
Businesses are concerned with
employees inappropriately sharing
data, whether malicious or accidental.
Furthermore, the increasing use of
mobile devices increases the threat of
exposure, especially when concerning
the physical loss of devices.
Phishing attacks are one of the most
simple and effective means by which
employees inadvertently expose
company data. Fraudsters aim to gain
stolen Personally Identifiable Information
(normally obtained through sophisticated
social engineering tactics) of legitimate
individuals to conceal their true identities.
According to Forter’s Fraud Attack Index,
identity manipulation has increased by
30% in the last year, which can account
for approximately 41% of company
security breaches being associated with
a phishing attack, overall.
Organisations need to hire staff that are
well-versed in the risks associated with
handling personal data, but often holiday
rushes, peak seasons, or expected
online queue handling restrict the quality
of this process.
One way to combat this is to strengthen
your security training programmes and
The biggest
cybersecurity risk
for many businesses
revolves around
human factors
and employee
behaviours.
ensure that all employees, regardless
of where they sit in the hierarchy of the
business, are equally educated on the
risks associated with data privacy.
In the world of fraud prevention, manual
review and rules-based systems simply
introduce too many risks to a business;
these could result in huge financial
penalties and losses, not to mention
reputational damage.
Ultimately, the best way for enterprises
to manage data and avoid the above
pitfalls, is to automate the system by
which data is being processed and
reviewed to prevent damage associated
with human-activated data breaches.
28 Issue 24 | www.intelligentciso.com