On Friday, March 10, 2023 news broke that SVB was in trouble. With this news, activities started within our organization to understand our direct exposure. As with any event what we have learned over time is that fraudsters are quick. This rang true with Silicon Valley Bank (SVB). At that point cybersecurity, third-party risk, and business continuity were not included.
When these situations arise, it’s important to ask questions like, what if your company was hit with a bank fraud event like SVB Bank? Are you prepared? Do you know what steps to take before, during and after the event? In this document we want to share a few things we learned from the SVB event and how those learnings could help you in your business.
Our first step when the news broke was to look inward. The financial and accounting teams looked at how SVB Bank impacted us directly. While the teams were looking inward the questions arose: Do we have exposure within our suppliers, followed by the cyber threat being realized? Once we had these answers we had to incorporate them into our plans.
We realized second that we had potential business continuity and/or vendor exposure that we needed to add to the list of tasks to address. While we were thinking of business continuity, we were notified via an intelligence report that fraudsters were sending out notification to take advantage of the situation by having companies change their routing and account numbers as if they were the vendor. We had to ensure that we were following the best business practices to mitigate these types of fraudulent requests. Once we got the threat reports, we had to look at our internal procedures and processes. As we looked at how we were doing business we realized we had an opportunity to make it better.
Using what we learned, we would like to offer a template with some examples of how you can identify, address, and mitigate a fraud event. The most important thing to remember is that you must have a business continuity plan in place and that plan needs to be reviewed and updated on an annual basis, at minimum. The second most important thing to know is that once a fraudulent incident occurs you must be able to record the events not only for clarity in resolving the incident but also for future reference.
Let’s cover business email compromise (BEC) first. As we have become a global community,we need to understand that phishing attacks have become one of the most important areas for all businesses to understand. According to FBI IC3 reports, current BEC reports show that $2.7 billion in financial losses occurred in 2022. In fact, the number of incidents has been steadily rising since 2015 making fraudster attacks extremely important to identify and mitigate quickly. Research tells us that since 2018 BEC has reportedly grown 111%. Understanding the importance of liquidity, this becomes a key area to shore up preventative knowledge and practices in. So, the question becomes how do we prepare for BEC attacks? First, we needed to understand that it’s not just the responsibility of IT to keep our environment safe. There are five (5) key things all companies need to do to bulk up their knowledge in BEC attacks. They include:
Next, let’s discuss Business Continuity steps that should be set up and taken that include the steps we took as an example. This should be done on a timely basis and as a timeline of events. Here’s what that should look like this:
How to address exposure that includes companies/people you do business with:
How to address your company’s exposure. (Include Customers and Partners in this process):
If you’d like to learn more about what the Netskope Security team is talking about, check out the Inside Netskope Security section in the Netskope Community.
In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button belowSign In