It is a sad fact that when the economy gets tough, fraudsters and threat actors increase their activity and make more money. Either because they are targeting vulnerable indivduals who are more likely to respond to offers of financial help and support. Or because they are targeting organisations who are under financial and individual pressure.
If this could affect you or your customers, now is the time to act offensively to protect against increased threat activity.
Increase customer and staff education and awareness activity - remind them of your normal communications style and approach ('we will never' and 'we always')
Assess likely areas of vulnerability and target interventions - consider which customers or personnel more likely to fall for threats and what can you do to prevent that
Review your detective controls - what are you doing to monitor and detect attacks and abnormal behaviour
Exercise your responses - identify likely scenarios and practice them - how would you know there was a problem, who would need to be involved in resolving it, how would it be resolved
Remember, 'it could always happen here' - avoid complacency and plan for the worst
It would also be sensible to complete a review of your existing counter fraud and cybersecurity defences - your policies, processes and procedures. This need not be onerous, and with good planning could take only a couple of days, but identifying potential gaps now and planning how to resolve them could prevent significant losses later on. This should include a review of relationships and monitoring of industry bodies and guidance (such as from the ICO or NCSC) to see if there is additional support that you can obtain from outside your organisation.
It is tempting to think these sorts of activities can be completed in house, but this can really be a false economy. Using a trusted external advisor enables genuine challenge and questioning of internal understanding and beliefs. Someone external to your organisation will also have experience of different cultures and approaches - meaning they can bring fresh perspectives and ideas to your implementation.
At RTG Commercial Services Ltd, we specialise in tailor-made assessments based on your organisation and threat landscape - now copy and replace consultancy for us! Feel free to give us a call for an initial chat and then we can give some suggestions on how you can plan now to avoid pain later.