Fighting the criminals businesses can't see
A quarter of all companies expect cyber crime disruption in the next two years.
The rapid digitalisation of the world's economy brings with it the potential for economic crime to cripple businesses in highly disruptive and devastating ways.
A recent 2018 PwC Global Economic Crime and Fraud Survey found a quarter of South African businesses believe that cyber crime will be the most disruptive economic crime to affect their organisations in the next two years. This statistic becomes even more startling when one considers that according to the findings of the PwC report, South Africa has the dubious honour of having the highest level of reported economic crime in the world, with a staggering 77% of companies being affected.
Junaid Amra, Partner in PwC's Forensic Services Division, says when it comes to combating fraud and economic crime, technology can become a double-edged sword. "In the never-ending efforts to modernise both the business and the fraud-detecting capabilities of the business, technology can become a business protector, but also a threat if the risks associated with technology deployment are not properly assessed," he says.
He points out a key finding in the global survey, which says technology has become so pervasive across every business process that how a company chooses to leverage this technology to combat crime is central to the customer experience. Amra further stated: "Over a fifth of all customers said business technology to predict fraud was producing too many false positives and these false alarms become invasive for the customer."
The survey found that companies are finding it increasingly expensive to invest in technology. "This being said, South Africa, and Africa in general, is investing in advanced technologies such as artificial intelligence at a faster rate than the rest of the world. This may be to play catch-up with the rest of the world in efforts to combat economic crime, but it also signals the seriousness with which cyber crime is being approached."
In addition to the customer experience being directly affected by the use of technology, criminals can and do use the company's own technology to commit their crimes.
With new digital products, criminals are given new attack vectors, making the job of stopping these attacks so much harder. "In the past, companies may well have used good old-fashioned business-to-business processes to bring a product to market, resellers, distributors and retailers. However, technology has meant that there are innovative business-to-consumer platforms providing a wider attack surface for cyber criminals," explains Amra.
In 2017, a single ransomware attack crippled the United Kingdom's National Health Service, not only threatening lives, but also crippling hundreds of thousands of computers around the world. This is just one example from many that can be cited. The potential for harm is frightening as the technical sophistication of external fraudsters and attack surfaces within businesses continue to grow side by side.
It is for this reason, says Amra, that more than a quarter of respondents to the survey felt that cyber criminals would attack them in the next two years.
The survey found that the responsibility of dealing with economic crime rests with the C-suite, Amra concludes. Based on incidents we've assisted clients with, organisations are falling into two categories: those who have executive-led initiatives and those who are crisis driven, ie, moving from one crisis to the next without a clear cyber security strategy supported by the C-suite. It goes without saying that organisations with executive-led initiatives are faring much better when faced with cyber attacks. From a steering, strategic and reputational point of view, business leaders such as the CEO are finding the buck stops with them in the fight against cyber criminals.