A new report has highlighted the eight biggest security risk hotspots facing businesses in the year ahead
Possible business opportunities for the channel have been highlighted after a new report identified eight security weakspots for many corporations in the year ahead.
The warning comes from corporate risk prevention consultancy Riskskill, a division of UKFraud. It has highlighted the main security hotspots for corporates in the year ahead.
Perhaps unsurprisingly, the number one weakspot is to do with fraud, which is set to reach “increasingly high levels as a reflection of economic conditions”.
“In 2013, supply chain fraud will be a major growth area, as squeezed suppliers face the temptation to cheat, often using IT systems to cover their tracks,” Riskskill warned. “This type of fraud can range from simple ‘weights and measures’ issues through to credit based fraud and professionally planned attacks. As a result, procurement fraud is also set to reach record levels this year, where those charged with purchasing, face a range of temptations, including bribes from suppliers. More generally, internal fraud too is running at its highest level.”
Cyber crime attack is the number two risk, with intrusions remaining an ongoing concern for IT management teams during 2013. “Corporations are especially vulnerable where they have ventured into online trading, as the customers are faceless and there is comparatively little time to check the efficacy of the client’s details,” warned Riskskill.
The company also said that payments via mobile and NFC (Near Field Communication) devices can also present on-going risks.
Number three on the corporate security watchlist relates to social media. With the increasing BYOD trend, coupled with the explosion of social media sites, corporations can face “a huge reputational challenge”.
“Within minutes, organisations can be the victim of blistering customer backlashes which might or might not be justified,” the company said. “Many corporations are making a start by attempting to formally control how their own employees release company or workplace information through social media. The number of reported dismissals and legal cases for acting irresponsibly through social media is soaring.”
Tsars of compliance
The fourth hotspot to beware of is the silo mentality ingrained in many businesses and divisions. According to Riskskill, these silo structures have grown increasingly complex, with the “corporate tsars of compliance” vying for power with those running policy, risk and traditional management functions, such as IT and finance.
“It is possible that key decisions such as fraud policy, for example, will fall between these silos so that one either finds managers that are only partially responsible for an issue or a whole gaggle of managers who all feel that something is ‘their bag’,” the report said.
The fifth hotspot covers risks associated with Big Data. Many companies are now storing huge volumes of data, such as customer files, and this can present a data-breach risk. However Big Data offers many benefits nowadays, especially as business intelligence and data analytics technology has become more affordable.
Hotspot number six is financially related, to do with credit risk losses versus profitable lending. Riskskill warns that many banks and other sectors, such as retailers, are under severe pressure to avoid bad debts on one hand but they must also increase profitable business lending on the other.
There is a potential risk of the pressure to satisfy both demands leads to implementing bad financial products and the risks of mis-selling and of over-stretched customers running up bad debts.
The seventh hotspot is encapsulated in the old saying, “where there is blame there is a claim”. Riskskill warns that, whenever there is a downturn in the economy, people seek-out legal redress from anywhere they find the opportunity. It says many organisations seriously underestimate how big the potential legal risks can be.
They are likely to face even greater pressure on this front in 2013, as the TV-ad style accident and PPI lawyers start to look for the next big thing, Riskskill warns.
Finally, the last main security hotspot to be aware of in 2013 concerns going green. Yes, even environmental concerns, corporate social responsibility (CSR), and sustainability pose security risks. This is because corporate commitments to invest in environmentally-friendly and social-responsibility issues and other sustainability initiatives can backfire.
“In more difficult economic times, these broader social and ‘green’ initiatives can suffer; the financial commitment made in the good times can also damage the longer-term investment, security and stability of businesses when things are tighter,” warned the company.
“From our research and experience of many businesses, we can see that most organisations are needlessly at risk in a number of areas,” said Bill Trueman, CEO of Riskskill (pictured). “Often the potential and consequential losses will be a major threat to businesses performance.”
“To put them right and protect our businesses, we need to make sure that our processes, procedures and systems are clear, tight, ordered and well managed,” said Trueman.
“While the risks can usually be identified quickly and effective plans drawn up, it usually takes a little help and some wider corporate consensus to get things done,” he argued.
Trueman recommends both external and internal risk assessment teams so that corporations recognise the risks they run and are aware of the need for change.
“Until they do, our role is to highlight the risks most likely to be faced,” he said.