The CEO and finance director of film company Pathé’s Dutch operation have been sacked, after falling victim to a sophisticated BEC scam that netted the criminals €19 million ($21 million).
BEC scams are, generally, much more focused and sophisticated than traditional phishing attacks, “in the sense that the bad actor scrapes compromised email inboxes, studies recent company news, and researches employees on social media sites so the email scams slip through spam filters,” according to Tony Pepper, CEO, Egress Software.
The constant threat of data breaches is the reality of the world we now live in. And the issue of data protection (or failure to protect) is a sackable offence.
As a result of this changing landscape, a report from Big Data London found that 15% of UK CEOs are now fully in charge of data. Last year, this figure was zero.
Organisations need to improve data protection and compliance protocols
Avoiding the chopping board
Technology can add an extra layer to organisations’ security and avoid the trap.
The application of AI and big data analysis in cyber security has now made it possible to mitigate this risk, according to Pepper.
“By analysing people’s email behaviour, smart technology can now recognise patterns and highlight anomalies. In cases where a phishing email requires an individual to respond, they can be alerted to the fact they haven’t emailed this recipient before or that the recipient’s domain is not trusted – immediately raising a red flag for the user in scenarios where cybercriminals are leveraging established relationships.”
“At a time when data breaches are becoming much more prevalent and user-centric and organisations are struggling to mitigate the risks caused by unpredictable user behaviour, it couldn’t be a more crucial time to implement this type of technology.”