Fundamentals for Fighting Cybercrime
Posted by: GuidePoint Security
As a fraud prevention expert, I admittedly struggle with the con artist alter ego that precedes me in interviews and speaking engagements. When I reflect on my short stint, nearly 50 years ago, of setting up scams and forging checks, I am most struck by the fact that it is 4,000 times easier today to commit such a crime. Where does the fault line in security lie? Look no further than technology itself, which is a breeding ground for criminals.
Despite our best efforts, there will always be people who use technology for personal gain and deception. In my day, the only tools at my disposal were my verbal skills and keen ability to persuade people that I was the person I appeared to be. It’s another ball game in today’s world, where bank accounts and routing numbers are readily available, as are the names and signatures of corporate executives, which are publicized in annual reports. All of this information and more is available on the internet, making it relatively easy to hack into accounts of all sorts.
Breaches occur because someone in the organization opened the door to an intruder or because someone didn’t properly secure the entryway. Whether an individual inadvertently shared private access or someone failed to make a system update, it comes down to human error. This is why it is so important to educate employees and install constraints on resources in order to protect sensitive data and to avoid putting revenue at risk.
Security leaders have the difficult task of protecting the business, and this is no easy feat! The challenge of securing digital systems, data and processes across the business is complex, and the challenge of determining how to best secure those systems adds to the complexity, which can impede growth. My motto is that confidence and digital innovation begins with confidence in security. CISOs need to cultivate a more fundamental role for their leaders by enabling automation and orchestration. The theory that more investment translates into better protection is not necessarily accurate. There are too many vendors in the marketplace selling too many products, which means there is too much noise for CISOs to sift through! The truth is that poorly integrated systems and technologies that are not supported often result in gaps and blind spots that cause damage. If the goal is to achieve security digital transformation, a company must have a solid team of in-house experts who have access to outside engineers who are familiar with the infrastructures and applications.
By nature, technology frameworks are designed to support compliance by managing risk and proposing safeguards. While there are checklists in place, they are not always followed. Before technologies are selected, implemented and integrated, it is wise to assess the value of threat consequences and vulnerabilities. Creating a roadmap in advance that addresses these issues is a worthwhile investment. But assessment alone is not the answer. Organizations must implement ongoing training and continuing education around policies, technologies and the risks of noncompliance. Without this, even the strongest frameworks are bound to fail.
What is the soundest approach to finding a cybersecurity solution? It’s a jungle out there, and staying apprised of all the cutting-edge solutions in the market is a daunting process. If CISOs choose to work with a systems integrator, it’s best to find one specifically focused on cybersecurity solutions and services to benefit the client. This will eliminate the use of redundant and risky technologies, minimize gaps, streamline the process and provide rapid response and recovery.
So what’s the first step toward cybersecurity maturity? Remember, this is a journey, not a destination! An assessment of your organization’s gaps and vulnerabilities is a good starting point for risk mitigation. It’s important to weigh maturity against putting out fires. Look for the opportunity to drive the maturity strategy forward across other lines of business and inject security policies and processes. Security can no longer be an afterthought; it is now considered an integral piece of the larger business objective.
GuidePoint Security is excited to announce a new interview series featuring Abagnale, as he discusses some of the most pressing cybersecurity challenges CISOs are facing today.
Contributing Author
Frank Abagnale, Fraud Prevention Consultant
GuidePoint Security