Guide for fighting fraud and cybercrimes
Author: Christina Quaine, Chief Information Security Officer of AvidXchange
More workplaces are going remote, and fraudsters and cybercriminals have taken note.
The thieves are moving quickly to take advantage of the new and varied vulnerabilities remote environments expose. IT and security professionals are being challenged to find new ways to protect their employees, data and businesses.
According to research from Gartner, 74 percent of companies expect at least some of their employees to continue working remotely after the pandemic ends. Because of this, companies need to act now to better protect remote workers and environments and ensure the privacy of their customers’ data by maintaining strong corporate controls and procedures.
Here are six effective security best practices they can leverage to boost their efforts:
- Train employees to be vigilant in spotting dangerous spear-phishing email attacks that have increased 667 percent during COVID-19. By clicking on these fraudulent emails, employees unknowingly give criminals access to their personal and employer data, exposing valuable corporate information such as usernames and passwords, credit card account numbers, and customer identities.
- Provide employer-owned devices for all workers and define security protocols, such as use of VPNs, secure internal networks and firewalls. Many breaches happen because remote workers access corporate accounts on unprotected public Wi-Fi, conduct business on personal computers rather than an employer issued PC, and transfer files between work and personal devices.
- Require employees to keep software and systems updated, use strong passwords that aren’t easy to crack and regularly monitor accounts for suspicious activity.
- Set expectations around safety and enforce a strong safety culture, leaning heavily on policies and procedures that help ensure security and business continuity.
- Leverage powerful technologies such artificial intelligence (AI) to keep security risks in check. Nearly two-thirds of organizations identify AI as an important tool to identify cybersecurity threats and 69 percent believe AI will be necessary to respond to cyberattacks.
- Automate critical processes, such as accounts payable (AP) and payments. AP automation eliminates paper checks, one of fraudsters’ top targets; replaces error-prone manual processes; and provides clear visibility into financial transactions so organizations can better monitor, detect and prevent fraud.
Preparing for the Future
Whether we’re working remotely or back in the office, cybercriminals will undoubtedly evolve their methods and targets to take advantage of new opportunities as they emerge. They’re especially skilled at finding the weaknesses in security systems and exploiting them. By enforcing comprehensive security hygiene and relying on powerful technologies such as AI, automation, blockchain, cloud and machine learning to help, companies can stay a step ahead of cybercriminals.
You may also like: From Crisis to Prosperity: Experts Predict Financial Industry’s Path Forward
Christina Quaine is the Chief Information Security Officer at AvidXchange and has spent the last 19+ years focused on IT Audit, Vendor Management, IT and Payment Card Industry (PCI) compliance. Most recently she served as the Chief Privacy Officer for Ally Bank where she was responsible for regulatory compliance, governance, incident management and Data Loss Prevention (DLP).
She received her BS from Wayne State University and her MS from Walsh College in Business Information Technology and holds the following certifications: CGEIT, CIPP/US, CISA, ITIL and PMP.
Christina resides in Waxhaw, NC with her family and is a volunteer with ParaGuide and Project2Heel.