Infinitive Insight on “Cybercrime the New Normal”
Ray Vazquez, CEO of Infinitive Insight, was recently featured in Risk Universe, a new publication focused on operational risk. Commenting on “CyberCrime – the New Normal,” Vazquez highlighted how malicious insiders facilitate cybercrime by:
helping people on the outside to perpetrate fraud either directly or indirectly has been discounted. “Something as benign as someone leaving the company and sending their entire contacts list to their AOL account may not seem like a big deal, but if a hacker got their hands on that, they would have the tools to do a great social engineering scam because they would know who employees and clients are and who they report to, which can be used for spear-phishing.”
Check out the full article and the new publication here. (Free registration required.)
Vazquez touched on a few other key issues, including IT consumerization, where users bring their own devices to work. That phenomena has upped the stakes and increased the risk for organizations trying to keep tabs on malicious insiders.
Lastly, Vazquez touched on a counterintuitive fact about risk management; while many firms have the tools they need to identify malicious insiders, they lack a holistic and end-to-end perspective on operational risk, which greatly hampers their risk management efforts:
“You need to have a malicious insider’s mind-set. The good news is that most financial firms have all the tools they need in house … In most financial services firms and many corporations the businesses are siloed – they are segmented and there is often no clear understanding of business processes from end to end. The failure to have that end-to-end understanding of the business becomes an opportunity for the cybercriminal, because they are able to create a scheme in a silo that isn’t detected by other parts of the business until it gets big enough but by then it’s too late.”