Forrester Pegs B2B Fraud, Cyber Insurance Complacency as Top Threats in 2022

Forrester Pegs B2B Fraud, Cyber Insurance Complacency as Top Threats in 2022

Forrester Pegs B2B Fraud, Cyber Insurance Complacency as Top Threats in 2022

Increases in B2B fraud, cyber insurance complacency, and governance gaps in the work-from-anywhere model are among the top cybersecurity threats faced by businesses in 2022, according to a report released Tuesday by Forrester.

On the B2B fraud front, the company noted that fraudsters are increasingly not just impersonating people, but creating shell organizations and firms to defraud financial institutions, insurers, e-commerce retailers, car manufacturers, healthcare providers, and others.

These shell organizations then “employ” fraudsters who defraud primarily victim financial institutions, it continued. This scheme is not only relevant in fraud but also in money laundering, making the lives of investigators and compliance departments even more difficult.

“While these schemes have been around for at least a decade,” it explained, “we see fraudsters transitioning to B2B modes of operation at a much larger scale than before, as firms improve their B2C fraud protections.”

“The move from impersonating individuals to creating fake organizations is an evolutionary step in this type of fraud,” Tim Erlin, vice president of product management and strategy at Tripwire, a cybersecurity threat detection and prevention company, in Portland, Ore., told TechNewsWorld. “It will require evolutionary changes in security controls to mitigate the threat as well.”

Increases in B2B fraud are related to how businesses do business with each other, added Bojan Simic, CEO of Hypr, a passwordless solution company in New York City. “Traditionally,” he told TechNewsWorld, “there hasn’t been that much emphasis, in terms of cybersecurity, between companies to make sure that the businesses that they’re dealing with have proper controls in place.”

No Substitute for Security Controls
In the insurance domain, Forrester explained that growth in ransomware attacks starting in 2019 and a train of supply chain incidents in 2021 led companies to purchase or increase their cybersecurity coverage.

. . . . . . . . . . . . . . . . . . . . . . . . . . .

As losses mounted from the policies, carriers scrambled to tighten up their underwriting policies, as well as bumping up premiums by an average of 25% and, in some cases, removing coverages for certain kinds of attacks. That led to an awakening in boardrooms.

“What security leaders have long known but senior executives and boards are just now learning is that, without a risk mitigation strategy and investment in security program maturity, relying on cyber insurance alone is a threat to the organization,” Forrester noted.

“Cyber insurance is a protection tool, but organizations often feel it is their get-of- jail-free card,” observed James McQuiggan, security awareness advocate at KnowBe4, a security awareness training provider in Clearwater, Fla.

Leave a Reply

Your email address will not be published.