MEET THE PANELISTS
Kristi Blue, Corporate security officer
Blake Drennen, Information security officer
For as long as there have been financial institutions, fraud has always been a risk.
Currency gets counterfeited. Checks get forged. Employees or customers fall victim to a con artist. It’s estimated conservatively that the global cost of fraud is $5.4 trillion annually, and nearly half of all companies reported some type of fraud activity in the past two years.
Against this backdrop, hacking and cybercrime continue to evolve into more sophisticated threats. Technology is being used to help make banking and purchases more convenient, but this in turn increases the potential exposure of personal data, which can then be used to access bank and credit accounts. The information itself can also be sold off on the dark web to set up fraudulent accounts.
Farmers National Bank information security officer, Blake Drennen, warned of the dangers of ransomware and hacking during a recent Crain’s webinar, titled “Protecting Your Business and Customers from Fraud and Cybersecurity Issues.”
Data compromises – the catchall term for when personal, health or financial data gets into the hands of someone who shouldn’t have it – have increased 68 percent from 2020 to 2021 – and are up 23 percent over the previous all-time high in 2017.
Some companies might be too small to have a designated cybersecurity staff. But all companies can – and should – make sure their employees are trained to spot signs of cyberattack or fraud.
“Employees are our first line of defense, and it’s important to know they are our human firewall,” Drennen said.
Employees should be careful what they send via email – never passwords or other sensitive information, Drennen stressed – and carefully examine incoming email. Is it expected? Do you know the sender? Do you recognize the domain?
Kristi Blue, the corporate security officer for Farmers National Bank, echoed those sentiments and advised caution when getting unsolicited texts and phone calls, as well as emails. And if you get a call from someone claiming to be from a vendor, don’t be afraid to look up that company’s number and call them back if they sound suspicious, she said.
Blue also warned of physical mail theft, and recommended that mail be dropped off inside the post office or in a secure facility. Mail can be stolen from mailboxes – even U.S. Postal Service mailboxes – while awaiting pick-up.
Also, Blue said, business owners should keep the items they use for financial transactions – their own checks, credit cards and signature stamps – secure. Outside attacks are cause for concern, but 31 percent of fraud instances are from internal sources (and another 26 percent are a combination of internal and external parties).
When using a mobile device, only install approved apps from Apple or Google, the experts advised, and don’t open suspicious SMS messages, which could potentially open the way for dangerous malware. And never allow any outside remote access to your computer or mobile device, they added.
There are steps that companies can take to minimize fraud. Drennen recommended the use of multi-factor authentication for email, as well as better “patch management,” the regular updating of existing software. He said that 90 percent of data breaches could be prevented by regular updates.
Additionally, Drennen and Blue advised the limiting of privileges in order to manage access by allowing only certain people to have access to sensitive information. Duties can also be divided as an added layer of security.
“Whenever you have more than one person involved, the threat of fraud goes down,” Blue says.
Overall, Drennen said, most compromises are crimes of opportunity, so it’s important not to be an opportunity.
“Threat actors target low-hanging fruit because they know you don’t have your defenses up,” he said. “Be a tough mark and enable defense and depth tactics. You should stack your security and IT controls like the layers of an onion.”
To view the print PDF, click HERE.
Sign up for free email news alerts and stay connected to important business news straight to your inbox. Click below to see everything we have to offer.
Don't miss the chance to get the biggest news first! Stay connected to Northeast Ohio business news in print and online
For 40 years, Crain’s Cleveland Business has been the trusted source for business news and information for Northeast Ohio’s top executives and business owners.
700 W. St. Clair
Cleveland, OH 44113