More than 80% of executives across several industries say their companies were hit by fraud incidents between July 2015 and July 2016, a percentage that has steadily increased over the last three years, according to risk solutions provider Kroll's Annual Global Fraud and Risk Report.
The current report, conducted by Forrester Consulting for Kroll, found that 82% of 545 executives surveyed said their companies were impacted by fraud in the last year, up from 75% in 2015 and 70% in 2013. Aside from fraud, 85% of executives surveyed said their companies were victimized by cyber incidents, including intentional attacks, during the 12-month period covered.
The Kroll report also suggested that the most common perpetrators of fraud, cyber and security incidents over that period were current and former employees. About 60% said attacks were perpetrated by some combination of current employees, former employees and third parties, with about 49% saying incidents involved all three groups.
Kroll’s report takes a deeper dive into several industry groupings, with one of those being retail, wholesale and distribution companies. Firms in this arena are not going to be encouraged by the responses Kroll collected, as the report indicates 83% of executives in this group said their companies experienced fraud over the 12 months the surveyed addressed, while 87% said they fell victim to a cyber incident during that time. Both percentages were slightly higher than the cross-industry averages of 82% and 85%, respectively.
The report stated that “theft of physical assets or stock was the most common type of fraud, while misappropriation of company funds was significantly more likely than in other industries.” The data, however, might not accurately represent the seemingly more frequent theft of customer data that we see — or at least that we fear — in the retail sector specifically. On the positive side, companies in this group were most likely of any industry group to have implemented asset security measures, the survey found.
Meanwhile, on the cyber front, “E-mail phishing attacks and insider theft of customer or employee data were the most commonly reported types of cyber incident, and customer records were the most common target,” the report stated. That lines up pretty well with retail’s growing awareness of and sensitivity to e-commerce fraud and other types of cyber attacks.
Retailers have made solid efforts to increase their protections against fraud and other security issues in the wake of some major incidents, like the big Target data breach of late 2013. We have experienced three years or so of increasing awareness and improving protection efforts since then, yet somehow it feels like the fight is just beginning.