Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Security Enterprise ServicesBanking/Finance/Insurance

New Technology Can Help Corral Insider Fraud

By Matt Carey
embezzle
August 25, 2015

Cyber criminals may be making the headlines, but insider fraud artists – many of them senior, trusted staff – remain the biggest crooks. They fly under organizations’ radar for lengthy periods and cost organizations globally roughly $3.7 trillion a year by one estimate, according to 2013 data from the Association of Certified Fraud Examiners (ACFE).

Strides are being made to combat these stealthy insiders. Sophisticated new technologies are detecting abnormal employee behavior patterns in real time – often before actual fraud occurs. These and other advances are critical to combat insider threats because one solution can’t address all the types of fraud. To protect themselves, companies must adopt a layered approach to cybersecurity.

No sector is immune, particularly financial services, information technology, government, commercial facilities, healthcare and public health. And traditional weapons for combatting insider fraud – on their own, surprise audits, internal whistleblowers (who often use an antifraud hotline to report situations) and strengthened background screening – aren’t adequate to catch them all.

To Stop Fraud, Study the Fraudsters

Software producers, law enforcement agencies, and academic researchers and engineers are pioneering new antifraud tools and advanced risk-management controls. At Carnegie Mellon University, for instance, engineers at its Insider Threat Center – part of its Computer Emergency Response Team (CERT) function – methodically analyze real-life insider attacks to identify how insiders pull off their damaging thefts. Its database contains over 1,000 documented cases of insiders using information technology to cause harm.

Combined, all of these insider fraud combatants are identifying a roster of warning signs to help organizations better spot and deal with insider fraud. This list includes the downloading of files or documents that aren’t germane to an employee’s job or, related, the withdrawal of information surreptitiously from file services such as Dropbox and Google Drive. Add to the list requests for data or access for which an employee shouldn’t be seeing, as well as the manipulation of customer information or the out-of-the-ordinary handling of dormant customer accounts.

Using Real-Time Analytics to Detect Fraud Faster

On the behavioral monitoring front, for instance, breakthroughs in analytics are helping identify uncharacteristic employee behaviors by better benchmarking normal activity. In the past, for instance, banks wouldn’t know that an employee searched 17 different customer accounts in 13 days without closing any transactions before fraudulently transferring funds to an illegal account.  Real-time behavioral monitoring tools can spot and alert officials to such behavior outside of the ordinary – and it can do this across multiple platforms and applications.

Other red alerts include attempts to breach an employee’s specific access privileges; the sudden or increased frequency of requests or requisitions for data-storage devices; and unusual communication or collaboration between employees that suggest collusion.  Be alert to the use of shared computers as well since insiders can load malware on them for stealing or spying on records and other data.  

Equipped with these warning signals, organizations can mitigate against them. Already, organizations are constraining remote work outside of normal hours; enhancing monitoring within a time window of a damaging incident; and monitoring to detect insiders using colleagues’ accounts remotely.    

In addition, savvy IT operators within organizations are employing threat-deterring technologies that monitor phone activity logs to detect suspicious behaviors. They are checking and controlling privileged accounts; watching external access and data downloads; and protecting critical files from being modified, deleted or disclosed without authorization.

By establishing what’s outside of normal behavior for specific employee roles, organizations – especially banks – can identify the abnormal behavior, issue alerts, and suspend employee access to prevent fraud in real time – before damage is done. They can institute controls that don’t allow a back-office employee to transfer customer funds, a front-office employee to change customer addresses, or collusion between employees. 

When employees leave, an organization can disable their accounts and/or connections to prevent fraud, and many banks already are doing this. IT departments also can prevent installation of unauthorized data-removal storage methods and identify all access paths into their information systems. Some are deploying an easy-to-use monitoring system with Google-like search features that handle highly specific behavioral criteria. Such technology that is intuitive can eliminate errors and enable more advanced monitoring.

Organizations now can even institute alerts of suspicious patterns of behavior in real time and receive visual evidence of illegal activity while it occurs. It does this by recording screen-by-screen activity at the application level. This creates a comprehensive data trail that can be used in court.  

Fraud by rogue insiders can be difficult to spot. But the advances in sophisticated technology – specifically those that analyze behaviors and determine in real time when abnormalities transcend normal behaviors – prove especially critical.  Organizations now can nab insider crooks before they’ve vanished or it’s hard to prove they were responsible. 

KEYWORDS: employee fraud insider threats security analytics security technology

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Matt Carey is vice president of solutions marketing at Bottomline Technologies, a global provider of cloud-based payment, invoice and banking solutions.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

Laptop with coding on ground

Stepping Into the Light: Why CISOs Are Replacing Black-Box Security With Open-Source XDR

Gift cards and credit cards

Why Are Cyberattacks Targeting Retail? Experts Share Their Thoughts

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • people working at shared desk

    5 ways HR leaders can help organizations mitigate insider risk

    See More
  • Digital signage can help with coronavirus response and reopening

    Digital signage and wayfinding technology can help your organization reopen safely

    See More
  • digital-forensics-freepik1170x658.jpg

    Digital forensics technology can help support cyber investigations, incident response

    See More

Related Products

See More Products
  • facility manager.jpg

    The Facility Manager's Guide to Safety and Security

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing