Financial Impact of Cyber Breaches

Financial Impact of Cyber Breaches

The word Impact, as a noun, is the action of one object coming forcibly into another object and it has synonyms like collision, crash, bump, bang, jolt and thump. The word Breach, as a noun, is an act of breaking or failing to observe a law, agreement or code of conduct and another definition relates to a gap in a wall or barrier specially made by an attacking army and its synonymous words are rupture, crack, rift, violation and breaking. So the rationale we get from these definitions related to the financial impact of cyber breaches is this: A force-able outflow of funds in result of any intended or unintended gap or crack within channels, repositories or ends.

Like we have layers of cyber security so there are certain layers of cyber breaches but the breaching flow is generally opposite to the security flow. For example at first hand Data Security Layer protects a critical asset, Application Security Layer comes in next phase, then next one is Endpoint Security Layer, then Network Security Layer and in the end we have Perimeter Security Layer. So the security ends on Perimeter Security Layer but at the time breach starts from the same point. The intruder enter from here and in the end he has to deal with inner security layer that is Application Security Layer.

Financial Impact has three levels i.e. Personal Level, Corporate Level and State Level. These are few examples at each level:

Personal Level:  At Personal Level ATM hacking is critical one. From ATM card being struck inside the machine to millions USDs vanishing from ATM machines without using card is a vast land to cultivate for bad guys.

Corporate Level: As per IBM’s Cost of a Data Breach Study 2017 average total cost of data breach is 3.62 USD. For this Study they interviewed more than 1900 individuals from 419 organizations of 17 industries from 11 countries and 2 regions including ME and ASEAN. According to this Study all participated organizations experienced a data breach ranging from approximately 2600 to 100,000 compromised records costing USD 141 per lost or stolen record averagely. This is that Corporate Level of Financial Impact that matters allot for the economy overall.

State Level: Impact goes viral when States have to face it. Who can miss Stuxnet or diplomatic tension between US and NK from Sony Attack and how can we forget when SWIFT was compromised leading towards Bangladesh Bank Heist! Alarms should alert us when some hacker is confessing that it’s easier to hack an election than eBay. And the actual fact is that these all have cost.

Solution:

If cyber breaches are costing us as stated above then solution is obviously is also with us and that is ensuring the security. Breaches are real, impact is genuine then why are we so lazy in security? And I know it is self-explanatory question.

Advertisements

Forensic Accounting – A world beyond numbers

Word ‘Forensic’ is explained as associating some data/information with court of law or public discussion and debate and when we use this word as an adjective with accounting or auditing then it changes or, otherwise, broaden the traditional meanings of the later nouns i.e. accounting or auditing.

Forensic Accounting or Forensic Auditing means an artistic science to get evidence. Yes, to get evidence, all available evidence, all possible evidence, not just sufficient and appropriate evidence to reach at the conclusion. It doesn’t depend upon any standards or rules and regulations. Yes, for any structured process there should be some rules and procedures and in this case there exists as well but not in a highly recommended form and as abiding force as we experience in assurance engagements.

A forensic accountant does not only deal with fraud investigations but also provides many other services like dispute resolution, corporate intelligence, background checks, fraud risk assessment, litigation support, valuation and expert witness services. So it’s a complete package for any corporate industry. Economies like Pakistan where corporate practices are not well groomed but in a way so this ‘in between’ situation makes us more vulnerable to corrupt practices. Now let’s briefly discus the anti-fraud process.

An impressive fraud case is not like some delicious food putting in a plate on the dining table adjacent to your living room. Rather it’s like looking for a genuine seed among many fakes in an artificial apple putting in a locked computerized drawer of a highly sophisticated case laying under the bed of some anonymous flat on the 200th floor of some busiest road of any crowded city while you are standing 1000 miles away within some real delicious apples’ farm. Forensic will allow you and facilitate you to reach from the real apples’ farm to the real seed sleeping within that faked apple. Ways are many, sky is open, and many sciences of forensic are already here to help us. Here an investigator, a forensic accountant will go and will use others forensic sciences as help and will get the target.

Frauds are evolving, fraudsters are becoming more confident and bold year by year and decade by decade. As means to investigate are becoming sophisticated but ways to perpetrate are also becoming more facilitative for fraudsters. Any fraudulent activity is always covered within covers. Digital forensic, cyber forensic, data forensic, bio forensic, chemical forensic, forensic psychology and many others help a forensic accountant to investigate any case professionally and diligently.

Corruption is a menace for any economy and specially in developing economies. From tax avoidance to kick backs and from money laundering to corporate espionage we are continuously facing the threats but unborn forensic practices and undeclared corporate crimes are worsening the situation specially in our economy. So rather faking perfections we should legitimize anti-fraud and forensic practices in Pakistan to tackle fraud and to discourage the fraudsters.