Seems like David Lacey’s first security forecast of 2009 (Fraud hits the roof) is already becoming clearly evident. The FT recently reported that UK corporate losses against publicly reported fraud hit £1.19bn, an increase of 14 per cent year-on-year. Given that we’ve only just started our economic ice age it is highly probable that this is just the tip of a much larger iceberg.
Given that an insider has the greatest opportunity and knowledge of business processes (and their associated weaknesses) it goes without saying that they are often the prime suspects. And given what they might have at stake, either hiding their existing misdeeds or enhancing their own future financial interests, you can bet their motivation is high. But as economic conditions become tougher, and more organisations are stretched to their financial limits, large scale fraudulent techniques will undoubtedly be exposed, unraveled and pass into the bright light of day.
But I get the funny feeling that I won’t be surprised to hear that the next major white collar fraud will have involved lax security controls. Back in 1994 the UK Audit Commission clearly identified that failure to implement and maintain basic internal IT security controls was a primary enabler in computer misuse and abuse, and that this corporate disregard for internal security controls gave rise to opportunity formation for the motivated insider threat.
So David, sportman’s bet about the level of corporate fraud losses in six months time?