printer friendly version

The key to fraud prevention

One of the greatest challenges facing organisations is the time-consuming nature of detecting and investigating fraud, which further impacts the financial and productivity losses caused by the fraud itself.

Stephan le Roux, district manager of RSA, The Security Division of EMC Southern Africa

Stephan le Roux, district manager of RSA, The Security Division of EMC Southern Africa, says specialised teams are required to investigate fraud properly. “Inevitably, a high percentage of fraud is missed and it is difficult to determine the full impact,” he says.

“In addition, many customers are hindered by outdated controls and insufficient technology and infrastructure to detect internal fraud. Lack of personnel screening as well as high staff turnover are further factors which contribute to fraud in the workplace.”

In the long run, Le Roux suggests, this issue is more about understanding the threat than about protection alone. Whether the organisation is a victim of sensitive information being leaked, money being stolen or payments being made to fake accounts, fraud is on the increase. The question is how to deal with it effectively.

“The only solution lies in monitoring what is happening on the network,” Le Roux maintains. “At RSA, we do this by understanding the customer’s environment and monitoring those systems which are seen as critical for the customer. You need to understand what the fraudsters’ objective is and what is important to them.

“Once you can see everything on the network, you can watch and play back the activity. This enables the organisation to tighten its controls and security, thereby preventing fraud effectively.

“In essence, there is no doubt that security needs to evolve from conventional, siloed and perimeter-based security to advanced security systems designed for speed. These solutions will allow organisations to rapidly identify, analyse and respond to threats. At the very least, these systems should be risk-based, agile and contextual.

“From a risk perspective, organisations should consider how vulnerable they are to attack, how likely they are to be targeted and the value of what is at risk. Intelligence about their potential attackers and most valuable assets shows where to focus their efforts, such as what systems to protect and which users to closely monitor.”

Share this article:

Further reading: