In the past year, 75% of companies have fallen victim to a fraud incident according to the Kroll Global Fraud Report. Even more alarming is that the latest Association of Certified Fraud Examiners study indicates that the majority of insider fraud losses – as high as 80% -are caused by collusion of 2 or more employees. Those are sobering statistics.

Clearly organizations have to take fraud collusion into account when crafting their security plan, or else run the risk of potentially significant financial losses and a damaged reputation. But how? The good news is that a few simple steps can go a long way in locking down the threat – starting with monitoring user behavior.

Monitoring user behavior seems like such a simple thing to do, but its importance as a first step in a comprehensive security strategy can’t be overstated. Only by monitoring employee activity is it possible to recognize the unusual behavior that’s indicative of a potential security problem, such as unexpected changes being made to information systems.

That being said, a monitoring system that simply tracks user activity only solves half the problem, catching issues after they’ve already occurred. To be truly effective, a monitoring system should also track data searches for early warning that employees could be planning inappropriate activity. For example, a bank employee interested in depleting a dormant account will first search for inactive accounts with high balances before taking any action.

With a monitoring system in place you’ll be well on your way to identifying and eliminating fraud collusion in your organization—but your mission shouldn’t stop there.

Next tip: understanding suspicious behavior in the context of other users’ behavior.

Boaz Krelbaum, founder of Intellinx, a leading provider of cyber fraud and risk management solutions,  is currently General Manager of Cyber Fraud & Risk Management for Bottomline Technologies. He has deep experience developing solutions that protect organizations from internal and external fraud and data theft, including agent-less technology that captures data directly from the network and provides a detailed forensic audit trail.

Posted by Boaz Krelbaum