Practices of Responding to Infringement of Rights on the Internet for Companies Part 1
2023/8/3
What should be done to prevent information leaks?Introduction of causes, cases, and countermeasures after leakage
2023/8/7
"Internal improprieties" by mid-career leavers and current employees are no stranger to any organization, just like cyberattacks from the outside.Here, basic knowledge such as the current state of internal improprieties, the risks faced by companies, and the causes of improprieties will be explained.We will also introduce specific examples and measures to prevent them from occurring.
What is internal impropriety?
Internal improprieties refer to fraudulent acts committed by persons or former persons involved in companies/organizations, and include not only intentional acts for financial purposes, but also cases such as operational errors.There are various kinds of internal improprieties, such as information leaks that take out confidential information and information assets without permission, embezzlement of money such as inflated claims and illegal kickbacks, accounting fraud such as falsification of financial information, and misrepresentation of quality inspection results and experiment results. Data falsification, etc.
Current status of internal improprieties
Among internal improprieties, for example, internal improprieties related to information security are serious. ” is the 10th place.It has moved up one rank from 2023th place in the previous year, and its social impact is increasing.
*Reference: 10 Major Threats to Information Security 2023 (IPA) https://www.ipa.go.jp/security/10threats/10threats2023.html
Corporate risks due to internal improprieties
If internal improprieties cause damage to customers or business partners, economic losses such as compensation for damages will occur.The social credibility as a company will be lost, and the competitiveness in the industry will also decline.Not only does it threaten the very existence of the company, but in the worst case, it can also lead to criminal penalties.
Causes of internal improprieties
Regarding the causes of internal fraud, we will explain the mechanism of fraud occurrence based on the "fraud triangle theory".
Fraud risk from the “fraud triangle”
The "Fraud Triangle Theory" is a theory that models the process of people committing fraud, and is a concept commonly used in the fields of fraud investigation and risk management.It defines the causes of fraud as having three factors: “motivation,” “opportunity,” and “justification.”
“Motive” is the motive for the person to commit fraud.Financial problems and desires, heavy quotas imposed by the company, and the desire to cover up business mistakes can also be motivations. "Opportunity" means that there is an opportunity to commit fraud in an environment where internal controls and oversight systems are not functioning, or in a position where they can be ignored.And "justification" refers to a psychological state that justifies one's wrongdoing, such as "the company is bad" or "everyone else is doing it".
Technical and human factors
Fraud factors include technical factors and human factors.Technical factors include access to confidential information by unauthorized employees, lack of logging, etc. Neglecting these technical measures can provide an "opportunity" for fraud. It will be.Human factors include personnel evaluations, dissatisfaction with companies and organizations, and stress in work and human relationships.It is also important to maintain an organization that does not overburden or dissatisfy employees.
Examples of internal improprieties
Here are some examples of internal improprieties that actually occurred at Japanese companies.
embezzlement of money
At Company A, a former executive used a senior manager's computer to make an electronic transfer to an overseas account on the night of his retirement and fled the country.It's because I didn't deactivate my electronic key card on the night of my retirement.
External leakage of confidential information
At Company B, a former employee of a business partner illegally took research data out of the company and provided it to a new overseas company.Dissatisfaction with the treatment is said to be the motive for the fraud due to neglecting to monitor logs such as access history to important information and restricting the use of recording media at the time of retirement.
program tampering
At Financial Institution C, an employee who was disgruntled with management tampered with the risk assessment program for buying and selling bonds to incrementally increase the risk of trading.Another cause was the lack of management, such as the regular use of a tool that compares the hash values of files.
* Reference Guidelines for Preventing Internal Improprieties in Organizations, Appendix I: Case Studies of Internal Improprieties https://www.ipa.go.jp/security/guide/hjuojm00000055l0-att/ps6vr7000000jvcb.pdf
Measures to prevent internal fraud
We will explain the measures that companies should take to prevent internal improprieties such as these cases.
Technical measures such as access restrictions and password authentication
The first measure is to prevent unauthorized access from inside.Implement technical measures such as access controls and multi-factor authentication to limit who has access to sensitive information.Physical measures such as entry/exit restrictions and disposal of unnecessary storage media are also effective.
Strengthening monitoring system such as access log and entry/exit record management
The second measure is to strengthen the monitoring system.We will thoroughly manage entry/exit records, terminal removal records, and access logs so that even if someone attempts internal impropriety, we can immediately detect and deal with it.Concentrating authority on a specific person makes it difficult to detect internal improprieties, so it is also important to decentralize authority and build a mutual monitoring system.
Formulation of internal impropriety guidelines and organizational education
The third measure is the formulation of guidelines and implementation of security education.The lack of clear policies and rules against internal improprieties is also a reason to justify internal improprieties.It is important to thoroughly disseminate the risks when they are discovered so that they are not motivated or justified.
*Reference Guidelines for preventing internal improprieties in organizations (IPA) https://www.ipa.go.jp/security/guide/insider.html
If an internal impropriety occurs, a “forensic investigation” is required
If an internal impropriety still occurs, the company must conduct a "forensic investigation."
What is a forensic investigation?
A forensic investigation that reveals evidence of a crime or wrongdoing.Investigating the cause will allow us to formulate measures to prevent recurrence, and by clarifying where responsibility lies, we will be able to prepare in the event that it develops into a lawsuit.
Forensic investigation using AI
It can be said that the use of AI (artificial intelligence) is now essential in modern forensic investigations that mainly target digital data and handle enormous amounts of data.By having the AI learn the judgment criteria by looking at a small number of sample files, the large amount of data can be sorted into those that are likely to be related and those that are not.The simple data sorting work that must be done at the beginning of a survey can be done in a short time by a small number of people, which not only improves the efficiency of the survey, but also improves accuracy by concentrating the resources of experts.
You should consult a research company instead of doing your own research
In a situation where internal improprieties are suspected in the first place, the legitimacy of the evidence will be compromised if someone inside the company conducts a forensic investigation.To ensure neutrality, it is better to use an external vendor.
For more information on forensic investigations, please also see this page.
For forensic investigation requests, go to FRONTEO, which has a wealth of experience and a reputation for AI technology
Since its founding in 2003, FRONTEO has worked to solve the problems of various companies as a pioneer in fraud investigations in Japan.We have an established reputation for our technology and know-how based on outstanding experience.
By utilizing our in-house developed AI engine KIBIT, we have achieved significant labor saving and cost reduction during document review. We are realizing the transformation.
We have data centers in Japan, North America, South Korea, and Taiwan, and we have a system that allows us to store data without taking it out of the country, and we have perfect security.We provide seamless services to our clients' headquarters, local subsidiaries, and law firms.Fast support with global operations.
