Intelligent CISO Issue 13 - Page 49

W With so much security awareness, along with new regulations like GDPR and the California Consumer Privacy Act, it’s clear that the digital landscape is changing. Problem is, despite new rules, regulations and a higher level of awareness, fraudulent activity remains a growing challenge. The issue is so pervasive that out of 400 billion events monitored worldwide by NuData, 28% were high-risk fraudulent activity, according to information from NuData Security’s 2018 fraud trends datasheet. New account fraud and risk The same datasheet shows that the volume of fraudulent activity is actually increasing by emulating the way consumers interact with an organisation’s pages. To put it simply, bad actors mask themselves alongside a company’s good traffic, rendering it more difficult to identify a potential threat. New credit lines with instant approval are also a major target that quickly add up to unbearable losses. According to NuData’s report, in 2018 alone it took more than 53 million hours to clean up the mess of new account fraud. Given these findings, it’s more important than ever before that companies of all sizes and across all industries not only practice better security awareness but also put it into action by adopting and implementing improved policies and tools. Mobile mayhem As companies scramble to get up to speed with bad actors’ ever-evolving tactics, it’s important to note that not all fraud is created equal. NuData’s 2018 fraud trends during a webinar highlighted that distribution between mobile and desktop is vastly askew with mobile seeing 78% of traffic, while desktop had just 22%. This is important to mention because mobile malware is a major threat to businesses across various industries, especially those in e-commerce and banking. Kaspersky Lab indicated that the number of attacks using malicious mobile software nearly doubled in 2018 over the previous year. Ryan Wilk, Vice President at NuData Security, a Mastercard company www.intelligentciso.com | Issue 13 FEATURE Magecart, for example, has already wreaked havoc on several notable e-commerce companies including British Airways, Newegg and Feedify, among others, and is still going strong in 2019. There’s a lot of abuse in the merchant world but one of the things that’s high on that list involves trial fraud (think free- trials or coupons for signing up or being a loyal member). Bad actors will use credentials to create new accounts and will sell these free trials for a minor pay-out. Over time, however, these ‘free’ sales can add up to hefty amounts. Defending your systems This might seem like a no-brainer but having great tools is an absolute must. Even the most skilled security teams need equally smart equipment. The Maintaining tools that increase visibility into the attacks assists in showing red flags. bottom line here is that every business needs functionality that allows its security protocols to evolve with the bad actors’ techniques. Behavioural biometrics plays a key role in this area by allowing organisations to better understand where threats are coming from. This reinforces real-time risk mitigation behind the scenes. By continually monitoring activity with these tools, security teams can actually see where threats are coming from and be prepared for an attack when it does happen. Maintaining tools that increase visibility into the attacks assists in showing red flags. For instance, 49