In the modern interconnected economy, there’s an unprecedented opportunity for fraudsters to prey upon the unwary.
In 2021, according to UK Finance, ?754m was stolen from bank customers ? a rise of almost a third over the previous year.
Businesses have a duty to protect themselves against this problem ? ideally before it strikes. Let’s take a look at a few of the ways in which this might be done.
Training
Your staff are often the weakest link in your organisation when it comes to cybersecurity and data protection. A little bit of education when it comes to the dangers of phishing attacks, and who to trust and who not to trust, can go a very long way. For best results, this training should be provided as part of a comprehensive induction process for new staff, and regularly refreshed as time goes on.
Under the Data Protection Act 2018 (itself an implementation of GDPR) is that the data controller is held responsible for the security of data being held. This means that if you’re holding onto the bank details and addresses of your customers, and this information is stolen and used by fraudsters, you could be held accountable for it.
System Security
Data storage and payment systems are vulnerable to attack by cybercriminals. They should therefore be given special attention. This might mean outsourcing your payments to an open banking platform, or your data storage to a third-party specialist, with access to qualified round-the-clock staff and plenty of redundancy and encryption. Given that this is an area vulnerable to rapid technological change, outsourcing makes a lot of sense. When the criminals have access to the latest expertise and technology, so too should you ? and keeping up with the change can be a full-time job.
Assess Risk
Before you take any action, you should conduct a thorough risk assessment to establish just where your vulnerabilities lie. The results of this assessment should inform your overall approach to fraud-prevention. It might be that you need to take immediate remedial action in one area, at the short-term expense of all others.
Insurance
Whatever action you take to safeguard your organisation, you will never be able to reduce the risk to zero. For this reason, it’s worth taking out insurance against loss of earnings that might occur due to fraud. In many cases, insurance of this kind can be the thing that prevents your entire organisation from being sunk by a single attack.
