security analytics for certified fraud examiners
Post on 28-Nov-2014
446 Views
Preview:
DESCRIPTION
TRANSCRIPT
Fraud Stats +40yo woman $994 B Getting Worse Media loss = $175,000 25% loss = > $1M Not a “drive by”, but slow, painful death Most Orgs do not recover
More Concerning? Fraudster more likely to be ratted out by
pal than “discovered” SMB’s especially vulnerable Median loss by Executive Fraud?
$853,000
Most Dangerous to Organization? Organized Crime Random Employees Hacktivists
Fraud (Dictionary.com)
Fraud [frawd] Noun
Deceit, trickery, sharp practice, or breach of confidence perpetrated for profit or to gain some unfair or dishonest advantage.
A particular instance of such deceit or trickery: mail fraud; election fraud.
Any deception, trickery, or humbug A person who makes deceitful pretenses; sham,
poseur.
Real Time Information to Stop Fraud & AbuseThe Lorenzi Group
What Is? Ongoing Analytical analysis of user
generated data
What if….. You could predict what was going to
happen? You could KNOW who was going to
steal? You could stop the crime before it
occurred?
Profiling
Security Analytics It’s not Big Brother, it’s SMART Business Improves Data Security Exponentially
Mistakes Desperate Criminal
Makes Compliance Easier Can provide Productivity metrics
Termination Justification Training Needs Resource Allocation Cost Saving Opportunities
Examples:Lockheed, Fidelity, USPS, Kaiser Permanente, more
Data Security Information is Money Most companies don’t watch the inside IT Control has fallen to Legal Demands
Set it and Forget it Security is
DEAD
Data Security in the PAST Isolated IT Responsibility Firewalls & A/V Break/Fix
Data Security TODAY Overall corporate strategy HR, Legal, & Finance actively involved 24x7 monitoring Dedicated Personnel Training includes: IT, Legal, HR, Psych,
more
Compliance Regulation Compliance is BIG Business Gov’t PROFIT-Center HIPAA, SOX, PCI, GLBA, FISMA, Joint
Commission, Dodd-Frank, FINRA, SEC….. State Level compliance
TIP: More are coming.
Compliance in the PAST Paper Forms Server Logs Disparate/Silo’d Data
Tools to search network to find info Data is easily manipulated
Compliance TODAY Aggregate results from start Collect data where it begins not ends Prelim reports automated Anomalies ID as they happen
Studies show… Upwards of 30% of screen time is
wasted Social Media is fun Googling Zombies Vast extremes Few admit to training needs Most DO NOT EVEN REALIZE they are
wasting so much time (it’s only 5 minutes….)
Results? Productivity lost Viruses & Malware introduced Untrained employees Frustrated employees Fraud opportunities increased Loss of competitiveness
What is Productivity?
?
Productivity (Dictionary.com)
pro·duc·tiv·i·ty Noun
the quality, state, or fact of being able to generate, create, enhance, or bring forth goods and services: The productivity of the group's effort surprised everyone.
Economics . the rate at which goods and services having exchange value are brought forth or produced:
Productivity increased dramatically last year.
Productivity (in the beginning)
Productivity
Productivity (industrial revolution)
Productivity (1 dimension)
Productivity (knowledge revolution)
Productivity (today and beyond)
Results? Productivity is not:
Words per minute, calls per hour, IM’s per day, clicks, meetings, or videos.
Productivity, if it can be explained, is: ALL of it… and then some.
Lorenzi ROAR Collect 1’s and 0’s Sort in DB Create Baseline Match v Others Anomalies v Usage Reports @ High Level & In-Depth Level
ROARing Results Tighter Data Security Training needs ID’d faster Unnecessary Resources ID’d faster
People Equipment Software
Best Practices documented Individual employee baselines created Communication (and sales) analysis available Other in-depth analysis available Businesses can regain control over their technology
environments
Productivity Math15 minutes/Day X 260 workdays = 65
hours (3%)$41,673.83 (SSA 2010 Natl Avg Wage)3% = $1,250 (lost time per employee)
Studies showing 30% means 624 HOURS30% = $12,502 (lost time per employee)
So, what’s the BIG deal? Why ROAR?
In-Depth understanding of business needs Little Risk in expense and experience Happier Employees More Productivity More Revenue potential Large ROI for little dollars (don’t worry, we’ll convince you to
spend more money with predictive and other analysis reports…)
Other Benefits Improved Data Security (unless you already have a team of
people watching screens and analyzing usage) Streamlined response for Compliance/Regulatory
requirements
BYOD Stored Communications Act
Employee Owned/Company Paid
Company Owned
Litigation Is coming…..
Litigation Holds Spoliation (YOU could be responsible)
Final Thoughts Security Analytics is available TODAY Reduces Fraud Increases Productivity Makes Compliance regulation easier
Questions?
Robert Fitzgerald
The Lorenzi Group866-632-9880 x123
www.thelorenzigroup.comrfitzgerald@thelorenzigroup.com
top related