UNDERSTANDING SUPPLY CHAIN ATTACKS
Companies, especially those in the financial services industry, need to not only beef up their security, but also their forensic capabilities.
When fraud or cybercrime occurs—and its likelihood is dizzyingly likely—it’s important to be able to mount a swift response. The leak or breach needs to be identified rapidly so it can be plugged, and the best chance of apprehending the criminals and their loot lies in speed.
“The need to be able to mount and conclude a forensic investigation is critical on all sorts of levels, which is why software like Nuix Investigate is gaining traction in the market,” says Henk Olivier, MD, Ozone IT Distribution. “Nuix Investigate blends cutting-edge digital workflows and graphic analysis with elements of traditional investigation—although no Dr. Watson is provided.”
PWC’s `Global Economic Crime and Fraud Survey 2022’ shows that the proportion of organisations experiencing fraud has remained more or less even since 2018, with 46% of organisations experiencing some form of fraud within the last 24 months. One big change: external threats have become more serious and are responsible for a high proportion (70%) of the most serious incidents. The top threat sources are hackers (31%), customers (29%), organised crime (28%) and vendors/ suppliers (20%).
South Africa has seen a jump in fraud cases this year, apparently driven by rising inflation in the wake of the pandemic and the Russian invasion of the Ukraine. Persistent high rates of unemployment are also a contributing factor. Given the high levels of fraud, Olivier emphasises that increasing numbers of companies are finding it imperative to have the in-house capability to analyse digital evidence rapidly. Continuing digitalisation of business processes means that the volumes and complexity of digital evidence sources are growing exponentially.
“Investigators simply cannot hope to find and then sift through these digital mountains,” says Olivier. “Nuix has powerful data analysis capabilities and can extract, correlate and contextualise thousands of data types to help investigators make decisions more quickly and collaboratively without having to be in the same place, while maintaining high levels of security.” As corporate security has become more sophisticated, so have the criminals. In addition, Olivier points out, businesses are permanently connected to the internet, and are thus highly vulnerable.
Protect that data
Prevention is the stablemate of cure. Olivier highlights the fact that data is a particular target for criminals, especially personal and financial data. As a result, data protection has attracted the attention of regulators, with the Protection of Personal Information Act in South Africa joining other regulations such as the General Data Protection Regulation, Payment Card Industry compliance, the Health Insurance Portability and Accountability Act and others.
Companies, therefore, need to transfer data in a way that is secure and compliant, whether it’s across the network or in the cloud be- tween partners, customers and systems. Progress MOVEit has been developed to solve this challenge, using encryption to protect data, and automation to streamline and enable vital business processes. “MOVEit also produces an audit trail to demonstrate compliance, something that’s also important when it comes to claiming on cyber insurance,” Olivier says. Like all software distributed by Ozone, these applications are available on cost-effective annual subscription, and are supported by fully qualified channel partners.