EACT Breakout Session
In a demonstration of how easy it is to fall prey to fraudsters, drawn from real-world experience, criminals found it all too easy to locate employee credentials on the dark web, contact their employer’s IT to make password changes and execute a ransom fraud that escalated into a $100m cost for the business. The case highlighted the impact of losing such huge sums in unplanned cash outflow and, in this instance, a subsequent negative outlook from a rating agency.
The panel’s message was clear: failure to update systems frequently makes it too easy for criminals to inflict damage on businesses, losses can be significant, and cyber risk is now considered a higher immediate threat to business than climate risk.
It was noted that events are conspiring to make fraudulent attacks easier to perpetrate. There are more people working from home. SaaS is increasingly prevalent as more digital technologies are used. And attackers are becoming more sophisticated, with access to cutting-edge tools.
The level of threat means regulators are starting to pay far more attention. New regulation is coming in the EU (including the Digital Operational Resilience Act, and Network and Information Security Directive 2) to combat cyber fraud. And for the first time ever, the U.S. Securities and Exchange Commission (SEC) has individually sanctioned a CIO for failures.
Sign up for free to read the full article
Register Login with LinkedInAlready have an account?
Login
Download our Free Treasury App for mobile and tablet to read articles – no log in required.
Download Version Download Version
