Fraud Specialist Level Cyber Threat Intelligence: Speaking the Same Language Across the Enterprise

Fraud continues to escalate, despite increased investment in fraud detection and enhanced authentication. Why? Because socially engineered attacks remain the primary sources of breached data, network intrusions, and fraud that is waged against consumers. No amount of technology in identity verification will prevent a consumer from willingly providing access to their accounts. Socially engineered attacks bypass technology by manipulating human psychology, and they are nothing new. But fraud teams could be empowered to more readily detect fraud linked to socially engineered schemes if they had more visibility into behavioral anomalies and compromised account patterns that their counterparts within cyber threat intelligence teams are gathering on an hourly, often real-time, basis. And more insight into suspicious activity reported by anti-money-laundering teams could help fraud managers and specialists connect dots to account takeovers that began with a socially engineered attack waged against a customer, member, or employee. 

Sadly, corporate cultural misalignment and gaps in talent have prevented cross-departmental training and successful talent acquisition within and across cybersecurity, fraud, and AML teams. As a result, successful cyber-fraud integration, or “fusion,” has been delayed because cybersecurity, fraud, and AML teams are separately funded, separately managed, and separately orchestrated, leaving fraud managers and specialists not just at odds with their cyber and AML colleagues but often in competition. This collaborative challenge must be tackled from the top down, meaning the C-suite must ensure that cyber and fraud teams have the tools and budget they need to integrate information sharing and strengthen cross-departmental collaboration. How fraud managers make the case to upper management for cyber-fraud integration and fusion will depend in large part on how well they align data and structure investment requests around cyber risk taxonomy and best practice frameworks such as the MITRE ATT&CK. Fraud managers must illustrate for the C-suite how strong cybersecurity and access to cyber threat intelligence directly supports long-term fraud reduction and prevention, making cyber resiliency a key performance indicator for integrated teams. 

Foreword 

This Javelin Strategy & Research report, sponsored by Mastercard, details the cybersecurity and fraud integration challenges organizations face because of antiquated practices, duplicated technology, and outdated corporate culture, leaving them at increased vulnerability to cyber-attack, cyber intrusion, and fraud. Successful cyber-fraud integration or “fusion” has been delayed because AML, fraud, and cybersecurity teams are separately funded, leaving fraud managers and specialists not just at odds with their cyber and AML colleagues, but often in competition.