Fraud Prevention in a Shaky Economy
What Impact Will We See From Market Unrest?According to HP's second annual Cost of Cybercrime Study, the median annualized cost of a cybercrime is now roughly $5.9 million. That's a 56 percent increase from the median cost HP reported in July 2010. [See Cost of Cybercrime Soaring.]
The reason: Sophistication of cybercrimes has increased in the last 12 months, and fighting and thwarting cyberattacks costs organizations more time and money than ever before.
In 2011, HP found that it took about 18 days and cost about $416,000 for the average organization to resolve a cyberattack. By comparison, in 2010, most attacks took only 14 days to resolve and typically cost about $250,000.
But those upticks are not surprising.
We all know cyberattacks are increasing in number and severity. Those two factors alone were catalysts for the Federal Financial Institutions Examination Council in its new authentication guidance to call for banking institutions to increase investments in online fraud prevention and refocus their attentions on more regular risk assessments.
How much banks and credit unions will spend on efforts to improve layered security and risk assessments, two primary points noted by regulators in the guidance, is hard to gauge. But suffice it to say, they'll all be shelling out their fair share.
And with the Jan. 2012, conformance deadline nearing, institutions don't have much time to explore many options. For now, most are reviewing risks and developing plans for regular assessments.
But those plans must include steps to move forward with stronger authentication and layered security; and that means more investments with new and existing vendors. I would venture to guess that the majority of institutions, those that fall beyond the purview of the top 25 or 30, will renew deals they already have with existing core processors and other third-parties.
The only difference will be the investment in more technology. Institutions won't be shopping around to find the best or cheapest deals. Quite frankly, they don't have time; and most are bound to the third-parties with which they're already working - locked in to contracts that often span five-year terms.
So, we have to wonder how this week's global market developments are expected to impact fraud investments banks and credit unions make over the next 12 months. How much can they afford, and at what cost? [See Anti-Fraud Investments Recession Proof?]
Aite analyst Julie McNelley says she doesn't expect investments in fraud prevention to be affected by the caving internal and domestic stock markets. Not now, anyway, when federal regulators are turning up the heat.
"The need for fraud-prevention tools increases during times of recession," she says. "That doesn't mean that they'll necessarily see increased spend, but it does mean that they will not see the chopping block quite as quickly as some other types of spending initiatives."
I do wonder how much more can go on the chopping block, though. How much can be cut? And will regulators take any of this into consideration, now that market turbulence has shed new light on soft spots in our fragile economy?
I suspect, if economic dips continue to deepen, we can expect to see some incentive, financial relief or leeway from the Fed and FFIEC on some of the recent demands and burdens banking institutions have been asked to shoulder.
But that's just one blogger's opinion. What's your perspective?