Chapter 5 Case 5: Cyber Fraud

Learning objective

  • Identify various types of cyber frauds and their associated risks.

Before we start

Cyberfraud is becoming more prevalent and more costly every year, and interest in preventing it and in protecting individuals and organizations from it is growing accordingly. This is especially important for small- and medium-sized organizations because they typically have fewer controls in place than larger organizations, making them an easy target for a data breach.

According to a survey of cyber claims filed by CPA firms in 2017, 30% of all claims were due to hacking and 31% were due to human error. Social engineering and ransomware accounted for 20% and 10%, respectively, of the claims.¹

Hackers will continue to test systems for vulnerabilities regardless of the controls an organization might put in place. Additionally, the methods hackers use change rapidly, making cyber controls in place today ineffective tomorrow. However, by implementing adequate data security measures, governmental and not-for-profit organizations may reduce the risk of a data breach or reduce the impact of a successful data breach.

Successfully avoiding a cyber threat requires an understanding of the mindset of cybercriminals and their motivation. Synthesizing cyber risks through the fraud triangle may not apply in the cybercrime environment, making it necessary to look beyond typical fraud prevention methods. What motivates a hacker can be vastly different from what motivates ...
