Managing computer fraud

May 23, 2008

Shalini Kesar, a computer scientist at Southern Utah University in Cedar City, has devised an antifraud strategy for business. Writing in the International Journal of Business Information Systems from Inderscience Publishers, he suggests that managers should be made aware of security issues and send out cues to junior staff that they have this knowledge.

Combating digital fraud within any organizations is a growing problem for management. Researchers in this field and security practitioners have recently begun to emphasize the need to take into account the "social" aspects of information security. They also emphasize that a lack of communication at the wider organizational level is often associated with computer fraud.

"Computer fraud can result from incompetence, ignorance, negligence in the use of Information Technology or deliberate misappropriation by individuals," says Kesar. This results in the destruction of not only the main information systems but also backup systems, causing damages up to hundreds and thousands of dollars.

Kesar points out that reported cases of computer fraud only represent a tip of a potentially large iceberg. Anecdotal evidence suggests that employees pose one of the greatest threats because they are in a better position than "outsiders" to engage in computer fraud, Kesar adds.

Opportunistic computer fraud could be minimized, however, he says simply by raising managers' awareness and knowledge of how organizational structure can affect the effectiveness of security measures. Kesar uses the case of a well-known serious fraud that took place at an international bank together with the business theory of management theorist Henry Mintzberg to demonstrate how security breaches might be avoided by educating management.

"Lack of awareness of social and technical issues among managers largely manifest themselves in a failure to implement even the most basic safeguards and controls," the researchers conclude, "Concomitantly, if management ignores wider organizational structural issues then this too increases the likelihood of a potential offender committing computer fraud."

These two main insights point to Kesar's seemingly obvious solution, which simply involves teaching management and then subtly communicating management's new-found knowledge to employees.

Source: Inderscience Publishers

Explore further: Schwarzenegger pushes Congress to save after-school funding

add to favorites email to friend print save as pdf

Related Stories

US turns to rewards in hunt for overseas cyber criminals

Mar 19, 2015

The FBI considers Evgeniy Bogachev one of the world's most prolific and brilliant cyber criminals, slapping his photos—bald, beefy-faced and smiling faintly—on "Wanted" fliers posted online. The Russian ...

Encryption for everyone

Mar 16, 2015

In the wake of the revelations that intelligence agencies have been engaged in mass surveillance activities, both industry and society at large are looking for practicable encryption solutions that protect ...

Cebit 2015: Find out what your apps are really doing

Mar 10, 2015

These tiny programs on Internet-connected mobile phones are increasingly becoming entryways for surveillance and fraud. Computer scientists from the center for IT-Security, Privacy and Privacy, CISPA, have ...

Recommended for you

Destroyed Mosul artefacts to be rebuilt in 3D

Mar 27, 2015

It didn't take long for the scientific community to react. Two weeks after the sacking of the 300 year-old Mosul Museum by a group of ISIS extremists went viral on Youtube, researchers from the ITN-DCH, IAPP ...

Boys plagiarise more than girls at school

Mar 27, 2015

Research by the University of the Balearic Islands has analysed the phenomenon of academic plagiarism among secondary school students. The study, published in the journal Comunicar, confirms that this practi ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.