26
Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

Embed Size (px)

Citation preview

Page 1: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

1

Fraud and Prevention:Lessons from the Fire ServiceAugust 24, 2015

Page 2: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

2

Today’s Discussion

By the numbers

Practical nextsteps

Lessons from the fire service

Page 3: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

3

Today’s Discussion

Lessons from the fire service

Practical nextsteps

By the numbers

Page 4: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

42012

2013

2014

2015

IRS

Aus.Img.Dept

US OfficeOf Personnel

Mgmt[2nd Breach]

US OfficeOf Personnel

Mgmt

CalifDept of

Child Svcs

FloridaDept of

Juv Justice

FloridaCourts

KissingerCables

MedicaidOffice of

The TexasAttorney General

WashingtonCourt System

South AfricanPolice

GreekGovernment

Government Data Breaches Since 2012:Selected losses of 30,000+ records

Source: informationisbeautiful.net.

Page 5: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

5

“The South Carolina Department of Revenue data breach in 2012 exposed 3.6 million Social Security numbers to hackers.”

-Government Technology

Page 6: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

6

“Names, birth dates, Social Security numbers, and other personally identifiable information belonging to about 850,000 job seekers in Oregon was exposed after hackers gained illegal access to a database containing information at the State Employment Department.”

-Information Week

Page 7: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

7

“The personal data of an estimated 18 million current, former and prospective federal employees were affected by a cyber breach at the Office of Personnel Management.”

-CNN

Page 8: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

8

“Medicaid Suffers Massive $33M in Fraud in at Least 4 US States.”

-Sputnik International

Page 9: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

9

94M Government Records Since 2009

58 days between discovery and disclosure

$201 per record breached

$5.8M per breach

Sources: “Rapid7 Report: Data Breaches in the Government Sector.” Rapid7. September 6, 2012.

2014 Cost of Data Breach Study, Ponemon Institute, Navigant Breach Report, March 2014.

Page 10: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

10

Small & Medium Sized States…

Large States…

~15Mper month

attacks

~10Mper day

attacks

Source: NASCIO. Conveyed at the 2015 NASBO Annual Conference.

Page 11: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

11

Less than half of all data breaches are due to malicious attacks

44% 31% 25% maliciousattacks

humanerror

systemglitches

Source: 2014 Cost of Data Breach Study, Ponemon Institute, Navigant Breach Report, March 2014.

Page 12: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

12

Today’s Discussion

Practical nextsteps

By the numbers

Lessons from the fire service

Page 13: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

13

246530

every… a fire department responds to a fire

one structure fireis reported

one civilian fireinjury is reported

seconds

seconds

minutes

Source: National Fire Protection Agency

Page 14: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

14

1980 Today

Source: Michael J. Kartner. Fire Loss in the United States.

734,000home fires

370,000home fires

5,200fire deaths

2,520fire deaths

Page 15: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

15

Q: How was the fire service able to achieve over a 50% decrease in each of these

important areas?

Page 16: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

16

AdequateFunding

ExecutiveSupport

ModernTechnology

Visibility &Influence

Governance &Authority

FireProfessionals

A: Through vigilant and deliberate action across the fire service.

Page 17: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

17

AdequateFunding

ExecutiveSupport

ModernTechnology

Visibility &Influence

Governance &Authority

Fire SecurityProfessionals

States face a lack of [sic] as it relates to cybersecurity and fraud prevention…

Source: NASCIO State CIO Survey, 2014.

Page 18: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

18

Today’s Discussion

By the numbers

Lessons from the fire service

Practical nextsteps

Page 19: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

19

Have a plan – A call to action from the NGA

Establish a governance and authority structure

Conduct risk assessments and allocate resources accordingly

Implement continuous vulnerability assessments

Create a culture of risk awareness

Page 20: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

20

Stop looking in the rear view mirror.

Continuous Diagnostics & Monitoring tools can help.

Page 21: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

21

“Too little attention has been placed on continuous controls monitoring by chief

financial officers, internal auditors, and corporate risk

management and compliance leaders…

CCM solutions can increase operational efficiency for critical financial processes,

reduce fraud and improve financial governance

resulting in a substantial return on investment.”

Page 22: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

22Techniques for detecting and preventing fraud.

Rules Based Analytics &

Known Patterns

Data Science & Predictive

Analytics

Page 23: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

23

Address the talent crisis.

Hire the right professionals

Collaborate with HR and definecareer paths

Provide training and development for professionals

Page 24: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

24

All four layers of controls must be monitored across processes.

Page 25: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

25Establish a fraud prevention framework.

Page 26: Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

26

Questions?