Apply the Lessons of National Cybersecurity Awareness Month with 4 Tips from Digital Identity and Fraud Experts
October is the Department of Homeland Security's National Cyber Security Awareness Month, an initiative aimed at fostering awareness and advocating best practices regarding security in relation to personal data, organizational security, and the overall well-being of our nation. This campaign is comparable in its scope and intent to creating Smokey the Bear in the 1940s, which was part of a concerted effort to encourage wildfire prevention. These efforts are intended to increase awareness about growing public concerns. In the case of the DHS's efforts, National Cyber Security Awareness Month plays an important role in cultivating a robust culture and mindset concerning cybersecurity.
The repercussions of cybersecurity threats are often challenging for the majority of us to fully grasp. We tend to perceive major breaches as catastrophic events that are distant from our daily lives. We may believe that such incidents only happen to others, or we might struggle to comprehend the underlying dynamics. For instance, a major bank's breach could stem from poorly configured data repositories, inadvertently exposing vulnerabilities that hackers exploit. This might seem obscure and beyond the sphere of concern for the average citizen, yet the truth is that cybersecurity is very much intertwined with our modern world. Our personal data is consistently stored and transacted in various locations and manners, often in ways that are unbeknownst to us. Thus, an ounce of prevention is undoubtedly necessary, as is recognizing that cybersecurity is an integral aspect of nearly every facet of modern life.
National Cyber Security Awareness Month aims to provide guidance to those not deeply entrenched in the intricacies of fraud and data breaches. One can observe this through the various themes being promoted, such as "It's Everyone's Job" and "Make Your Home a Haven for Online Safety." Even for those of us immersed in defensive technologies' development all day, these lessons remain pertinent and impactful. One key takeaway is that we shouldn't overcomplicate cybersecurity. A fraudster’s access to privileged data isn't always contingent on sophisticated technology. Fraudsters seek points of entry and will exploit vulnerabilities to gain the access they seek. The critical issue lies in how they achieve this access.
We spoke with some experts in the fields of fraud, cybersecurity, and identity verification to get their thoughts on the fortification measures they think will be most effective. These tips are clearly important in the context of Cybersecurity Awareness Month, but they are also foundational for any organization seeking to eliminate fraud from their processes and environments.
Frank McKenna, Chief Fraud Strategist at PointPredictive
Frank has led global fraud consulting teams for BasePoint Analytics, CoreLogic, and FICO. Under his leadership, those teams conducted successful engagements in the US, Australia, the UK, Canada, and Asia. His strategies and programs continue to be used by financial institutions across the globe.
Mary Ann Miller, Fraud & Cybercrime ExeC. Advisor and VP of Client Experience at Prove
Mary Ann is a well-respected expert in the fraud and identity space who was most recently Head of Fraud Strategy at Varo Bank. Prior to that, Mary Ann held directorships and executive roles at well-known organizations such as USAA, PayPal, Lloyd's Banking Group, and other technology firms. She has also served on the US Federal Reserve Secure Payments Task Force and is a current member of the Federal Reserve’s Scams Definition and Classification Work Group.
Ronald Praetsch, Managing Director & Co-Founder at About-Fraud
Ronald leverages his extensive experience in payments & fraud to inform the structure and content of the site. Outside of About-Fraud, Ronald consults regularly with merchants, payment service providers, and fraud solution vendors.
Amanda Fennell, CISO & CIO - Prove Identity
Amanda Fennell has over two decades of security industry experience. She believes strongly that everyone has a cyber warrior in them waiting to be unleashed. She also serves as an Adjunct Professor at Tulane University in cybersecurity. Previous employers include Relativity, Symantec, Dell SecureWorks, Booz Allen Hamilton, Zurich Insurance Group, and Guidance Software.
As businesses strive to enhance their cybersecurity efforts, implementing effective identity verification methods is a crucial step. Identity verification plays a pivotal role in securing sensitive data and preventing unauthorized access. Some key identity verification methods include biometric authentication, multi-factor authentication (MFA), pre-filled authentication, form pre-filling with verified identity information, and even passwordless authentication. These methods not only bolster security but also provide businesses with reliable mechanisms to confirm the identities of users, customers, and employees, thus fortifying the overall cybersecurity posture. By integrating these methods into their systems, companies can significantly mitigate the risk of cyber threats and ensure a safer digital environment for all stakeholders.
Keep reading
Developers know identity verification is an essential element of effective digital onboarding and the customer lifecycle. Choosing the right one can feel like navigating a maze of features and complexity.
In an age where our smartphones have become almost like extensions of ourselves, the identity assurance achieved through smartphone possession and data is a natural evolution.
Rodger Desai, CEO of Prove, a leading identity verification solution provider, offers a unique perspective on the rising fraud in the gig economy, advocating for robust digital identity verification as a key defense mechanism.