Is your firm safe from attack?

Is your firm safe from attack?

Latest losses from corporate fraud and cyber crime underline the urgent need for companies to step up vigilance, writes Brian Nicholls

Rising corporate fraud and cyber crime stresses the need for firms to take up BQ’s campaign for greater vigilance. Fraud cases nationally totalled £516m in the first half of this year - up over a third on the previous period last year. Average value of cases jumped from £2.8m to £3.5m, kPmg reports. Professional criminals are the biggest perpetrators with supply chain frauds mainly, at £61m (up from under £1m in 2012). crown courts in the north east dealt with 10 fraud cases involving £100,000 or more in the first half of this year. the £7.7m involved, fortunately, is a trend-bucking drop of more than 40% on last year’s comparable.

But the misery suffered is no less. cases included a family led gang, with more than 53 associates, several of whom were jailed for a £3m insurance fraud involving staged car accidents in a “cash for crash” scam. Sara Smith, of kPmg’s newcastle forensic practice, says: “While the back end of last year saw a resurgence of traditional con-artistry, fraud cases have now turned a darker corner. the increase in corruption of supply chains has been marked. While procurement functions seek to do relevant due diligence checks on potential suppliers, fraudsters are increasingly smart at circumvention. organisations must make the most of numerous data sources available and overlay that with information they have on a third party they plan to deal with.” Fraud against investors is also soaring, with frauds totalling £74m coming to court so far this year. Smith says: “honest investors are being defrauded by people seeking ways to maintain lifestyles at a time when pensions, traditional investments and incomes are being squeezed.” Amid growing concern about cyber crime - some 65% of north east businesses a year suffer attack now - small and medium-size businesses should consider bidding for up to £5,000 to improve cyber security, newcastle based accountants Robson Laidler LLP suggest.

The government’s technology Strategy Board has extended an innovation Vouchers scheme under which Smes can draw from a £500,000 fund to invest in outside experience. however, the grant is only available to firms working with a new technology supplier for the first time and that don’t already have internal expertise in cyber security. the Department for Business, innovation and Skills has, however, published new guidance to help all Smes ensure that cyber security against hacking and other threats enters their business management procedures. About 86% of all small businesses nationally are estimated last year to have reported at least one breach in cyber security - 10% up year on year. graham Purvis, partner at robson Laidler, says: “cyber security is necessary to ensure future growth. the government’s offer to Smes is a small but meaningful step.”

Simon Langley, senior manager in cyber security at business advisors Pwc, warns that cyber security is no longer only an it challenge. Business leaders, he says, must ensure they are protecting what is most critical to their organisation’s growth and reputation. involvement of senior management is all the more important since a significant lack of skilled workers is hampering the fight against cyber crime, the institution of engineering and technology says. threats loom from inside as well as out. A BiS survey has indicated that, among north east firms checked out, 81% had suffered staff related incidents and 65% misuse of email access. the survey for Pwc suggests all Smes questioned had seen loss or misuse of confidential information amounting to an average 6% of turnover. Asam malik, risk assurance director at Pwc in newcastle, says: “Businesses in the north east, like elsewhere in the uk, face ever more advanced threats from unauthorised outsiders.”And matthew Fell, cBi’s director for competitive markets, points out: “cyber attacks are damaging the very networks critical to how they interact and do business.

Firms really must treat cyber security as a daily business risk. Besides beefing up systems and internal staff processes, they should ensure their technology and software is robust and up-to-date.” managements are being advised by one firm of security experts to ask themselves: What tools and processes do we have to safeguard our sensitive information? Are we monitoring our networks to detect advanced targeted attacks? Do we know how best to respond if we become aware of a breach in our security? one British firm alone lost more than £800m in revenue last year through a sophisticated cyber attack, says Jonathan evans, head of mi5. not only was intellectual property lost but also commercial disadvantage in contractual negotiation. “What’s going on is astonishing,” he warns.