Ä¢¹½ÊÓƵ

It’s no secret financial Internet fraud is a growing problem. In the second quarter of 2017 alone, account takeovers grew 45 percent and cost $3.3 billion in losses. In a world where fraudsters have the upper hand, traditional detection methods are no longer enough. Consolidating your fraud and cybersecurity capabilities into a single, integrated process can help your organization level the playing field and fight fraudulent cybercrime more effectively.

The Problem with Traditional Financial Fraud Detection Methods

1. They’re siloed—Cybersecurity and fraud teams speak different languages, have different workflows, and stick to their own space.
2. They’re reactive—Static, compliance-based controls activate after fraud occurs, leaving less time to track and escalate an incident before organizations suffer losses.
3. They can’t detect advanced fraud methods—Static controls fail to detect anomalous behavioral patterns, a critical component of identifying fraud attempts that use legitimate credentials to access accounts.
4. They’re inefficient—Manual workflows on multiple consoles, applications, and tools lack few repeatable processes and increase response and recovery times.

Fraud Fusion Centers: The Optimal Solution Against Internet Fraud

A fraud fusion center gathers fraud analysts, cyber threat intelligence, and cyber analysts to address fraud together. These centers are supported by a continuous loop of information exchange within a single ecosystem of technology, processes, and documentation.

1. Proactive, not reactive—Fusion center analysts anticipate threats before they happen by detecting indicators of attack and threat tactics, techniques, and procedures.
2. Enhanced detection—Fusion center employees share data across teams and build alert requirements together. This helps teams identify patterns of suspicious activity across multiple channels and domains that would otherwise go undetected.
3. Increased efficiency—Fusion center experts combine intelligence feeds with customer profiles, behavior data, and fraud solutions to increase operational efficiency. Sharing indicators of compromise increases triage and response speed.
4. Continuously improving—Insights enabled by cyber intelligence helps reduce false positives and optimize fraud operations.

Six Steps to Set Up Your Fraud Fusion Program

1. Find a champion.ÌýBringing fraud and cybersecurity together requires change management, best led by a senior leader who champions the program. This person must have the authority to make a fraud fusion center a mandate and a priority. Without this level of leadership, organizations spend a lot of time and energy making very little progress.
2. Define a strategy and communicate often.ÌýIdentify the commonalities between your fraud and cybersecurity teams. Build a strong foundation, including shared indicators of compromise, response workflows, analytics, and data sets. Communicate the strategy early and often, encouraging people to think of the components of cybersecurity and fraud as a single ecosystem.
3. Nail a couple use cases.ÌýBe as specific as possible, and pilot them. For example, you might decide to monitor account takeovers in a specific channel during a defined timeframe using a specific method. Once you show some quick wins, and have additional traction and support, start expanding your efforts.ÌýÌý
4. Fuse your data.ÌýFusing data too soon can create false positives and messy data lakes. It’s easier to keep data separate until you understand what types of fraud you’re seeing and the processes that work to address them. Then, you can start to fuse data a little at a time. Every organization is different, and teams should leverage existing feeds, either from a vendor or produced organically to enhance fraud detection. Furthermore, data sets and alert requirements must be parsed for efficiency.
5. Layer technology solutions and establish a baseline.ÌýNote the types of fraud you’re currently detecting, your response time, and how many fraudulent attempts you’re blocking. These metrics will help you demonstrate success later on.
6. Evaluate often.ÌýAssess how the fraud and cybersecurity teams are collaborating and opportunities for improvement. After an alert or event, make changes to enable the fusion center to proactively detect similar fraud techniques in the future.

Organizations must rethink their tools and methodology to address today’s fraud threats. Most organizations have at least some of the pieces they need to be effective, but the hard part is getting them to work together. Cyber and fraud teams must speak the same language, understand and agree on the different levels of compromise, and be willing to work together before they can effectively share data, people, and processes. With the right plan in place, any organization can reap the benefits of a fraud fusion center to beat cyber criminals.

Interested in building a fraud fusion center at your organization? Ä¢¹½ÊÓƵ Allen can help. Learn more.