Managing computer fraud

May 23, 2008

Shalini Kesar, a computer scientist at Southern Utah University in Cedar City, has devised an antifraud strategy for business. Writing in the International Journal of Business Information Systems from Inderscience Publishers, he suggests that managers should be made aware of security issues and send out cues to junior staff that they have this knowledge.

Combating digital fraud within any organizations is a growing problem for management. Researchers in this field and security practitioners have recently begun to emphasize the need to take into account the "social" aspects of information security. They also emphasize that a lack of communication at the wider organizational level is often associated with computer fraud.

"Computer fraud can result from incompetence, ignorance, negligence in the use of Information Technology or deliberate misappropriation by individuals," says Kesar. This results in the destruction of not only the main information systems but also backup systems, causing damages up to hundreds and thousands of dollars.

Kesar points out that reported cases of computer fraud only represent a tip of a potentially large iceberg. Anecdotal evidence suggests that employees pose one of the greatest threats because they are in a better position than "outsiders" to engage in computer fraud, Kesar adds.

Opportunistic computer fraud could be minimized, however, he says simply by raising managers' awareness and knowledge of how organizational structure can affect the effectiveness of security measures. Kesar uses the case of a well-known serious fraud that took place at an international bank together with the business theory of management theorist Henry Mintzberg to demonstrate how security breaches might be avoided by educating management.

"Lack of awareness of social and technical issues among managers largely manifest themselves in a failure to implement even the most basic safeguards and controls," the researchers conclude, "Concomitantly, if management ignores wider organizational structural issues then this too increases the likelihood of a potential offender committing computer fraud."

These two main insights point to Kesar's seemingly obvious solution, which simply involves teaching management and then subtly communicating management's new-found knowledge to employees.

Source: Inderscience Publishers

Explore further: Science funding should go to people, not projects

Related Stories

Facebook reveals new security tool

Jun 23, 2015

Facebook announced Tuesday it has been using a new security tool to help detect and remove malicious software for users of the world's biggest social network.

US data breach is intelligence coup for China

Jun 13, 2015

The hacking of millions of US government employees is likely part of an effort by Chinese intelligence for long-term profiling—and possibly more nefarious things.

Recommended for you

Smithsonian to improve ethics policies on research funding

Jun 26, 2015

After revelations that a scientist failed to disclose his funding sources for climate change research, the Smithsonian Institution said Friday it is improving its ethics and disclosure policies to avoid conflicts of interest.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.