Data is more powerful than money
Cyber criminals are no longer focused on stealing money from organisations, data is far more powerful than money has ever been.
This is according to Davina Myburgh, director of product and innovation solutions group at TransUnion.
Speaking at the ITWeb Security Summit 2018 held at Vodacom World in Midrand this week, Myburgh explored the growing access fraudsters have to data and the critical importance of identity management strategies.
Myburgh made reference to PwC's Global Economic Crime Survey 2016.
"Cybercrime has escalated astronomically over the past two years, with 32% of South African organisations being impacted. This number is up from 23% in 2014. What is more shocking though is that only 35% of local businesses have some kind of cyber incident response plan. This means a staggering 65% of South African businesses do not know how to react to or detect a cyber attack."
Criminals have more access to data now than ever before and identity management strategies that result in a positive customer experience will be critical to business in managing their risk while still growing their bottom line, explained Myburgh.
"There are two distinct types of cyber fraud. The first is where criminals are looking to stealing data which they can monetise, potentially damaging a company's reputation in the process.
"The second type is where they steal a company's intellectual property. Through this, they can literally put that company out of business."
Loan stacking and mining crypto-currencies, she explained, are among the fastest growing new trends.
"One of the newest trends that we are picking up is loan stacking. This is where an online loan or cash advance is approved on top of another loan or advance that is already in place. The criminals just stack loans on top of each other."
In 2017 malware turned its attention towards mining crypto-currencies, which is proving to be a highly profitable for cyber criminals, she added. "Cyber criminals are constantly inventing new ways to exploit their victims, and organisations need to be able to keep up with new trends in their fraud risk strategies."
Myburgh also emphasised the importance of adopting a multi-layered approach to fraud prevention.
"Organisations have to actively prepare for the unexpected. You can't just use traditional verification systems. They have to be overlaid with additional security measures such as a one-time password, a digital verification or knowledge based authentication, or document verification or a whole combination system, depending on your business," she concluded.