Fraud Management & Cybercrime , Fraud Risk Management , Ransomware
What Are the Barriers to Fraud and Cyber Team Integration?
Jonathan Frost of the Stop Scams Alliance on Creating Successful Fusion CentersFinancial institutions are promoting fusion centers to unify fraud and cyber teams, yet these centers have not been adopted on a widespread basis. Jonathan Frost, board member at the Stop Scams Alliance, says the main reason for this is the lack of interaction between the two teams.
See Also: Mitigating Identity Risks, Lateral Movement and Privilege Escalation
Curiosity is one factor that will make both the teams work together. "Curiosity about the capabilities of respective parts of an organization - to fuse these two teams, you will have to find a way to make them work together," Frost said.
For example, in the case of ransomware, the fraud team will invariably focus on where the money went while the cyber function will be more concerned about the origins of the attack and how the threat actor hacked into the organization's infrastructure.
But a highly effective method for the fraud team to determine why a customer might be making an unusual transaction is to collaborate with the cyber team, he said. Collaboration helps determine if the customer is under attack by identifying possible indicators, even from external sources. Such collaboration can provide a clearer understanding of the risks associated with the money's movement.
In this video interview with Information Security Media Group, Frost discussed:
- The challenges of creating and running a fusion center;
- Key success factors for fusion center operations;
- How cyber and fraud teams can tackle ransomware together;
In addition to helping lead the Stop Scams Alliance, Frost acts as an independent consultant to several organizations that seek to reduce fraud and cybersecurity risk. He previously worked at the City of London Police, where he led the development of the U.K.'s National Fraud and Cybercrime Reporting system.