Instrumented Interconnecteds Intelligent

Theresa Payton, Founder, Fortalice, LLC; Author

Theresa Payton, Founder, Fortalice, LLC; Author

From 2006-2008, Theresa Payton served as the White House CIO for the Bush administration. In 2008 she founded Fortalice, a security consulting firm focused on fraud issues related to consumer protection. She spoke today at IBM’s Counter Fraud Summit in New York. A Smarter Planet caught up with her to get her perspectives.  Here’s a snapshot of that conversation.

Smarter Planet: What types of fraud do you believe businesses should brace themselves for in 2014 and beyond?
Theresa Payton: There are multiple types of fraud consistently reported by businesses around the globe. They include the back office type, such as asset misappropriation, accounting fraud and procurement fraud. There are also fraud and financial crimes related to money laundering, and false claims. And then there’s also cybercrime. With all the digital smokescreens now available, I believe you will see these types of fraud continue. But you will also see cybercrime as a percentage of overall fraud numbers climb as the entry point to fraudulent activity.

SP: Do you feel that if companies would just meet compliance guidelines they will win the war on fighting fraud and data breaches?
TP: Compliance does not equal security. Ask any CEO of a recently breached company and most will tell you they thought they were compliant.  Any recently hacked company will tell you they followed PCI compliance but it did not help them beat the hackers. The SnapChat CEO famously said on television, “We thought we had done enough.” To compound the sober start to 2014, the 2013 Verizon data breach study should be a warning to all CEOs regarding cyberattacks to come. They predict cyberattacks will increase in complexity and sophistication. They also predict a reversal in the trend to spot breaches sooner and we may see those statistics take a negative turn.

SP: What does fraud do to a company’s brand with their customers?
TP: It can be devastating to the brand and long-term customer loyalty.  Over the past few months, we’ve seen some of the most alarming and far reaching breaches in history.  Personal information from hundreds of millions of customers has already been compromised this year with that figure sure to climb.

All the goodwill, brand value and trust these organizations work so hard to build with customers over years and years can vanish in an instant. The old mantra about the higher costs of attracting loyal new customers versus keeping existing ones remains true. So when you think about it from that perspective, the damage to the brand in many ways far outdistances any near-term financial losses.

With respect to fraud detection, the ability to recognize legitimate customers and process their transactions quickly without falsely flagging them as suspicious, while simultaneously stopping the fraudsters has a tremendous impact on customer retention and satisfaction.

SP: Do you see legislation being passed that will impact data breach notifications and cyber security requirements?
TP: I believe we will move to a Federal set of standards for data breach notifications but we should be careful what we ask for. The Federal government does not have a good idea of how much it costs to prevent fraud at all points, physical and digital, and the laws passed could be burdensome. Passing cybersecurity legislation is no easy feat in today’s political climate.  The interdependencies of systems, information, and to the degree we use technology to improve our daily lives, means we are more at risk than ever.

I often tell businesses there are two kinds of organizations:  1.  Those that were hacked and they are learning from it; and 2.  Those that do not know they have been hacked.  The stark reality is not “will we get attacked” but “when will we get attacked.”  How soon will we even know and are we going to be resilient?

SP: Do you have a checklist that you recommend that companies use?
TP: Yes, this is the high level checklist I use with my clients and it helps get the conversation going.

1. First we need to change the conversation and elevate it to the C-suite.  Do not accept the adage that fraud is a cost of doing business.  Every dollar you charge off to fraud could be impacting your brand, revenue activities, and it could be funding criminal activities

2. Next, determine what you are fighting to protect and get focused on those most critical assets.

3. Test whether or not those assets can be taken and used fraudulently

4. This is a team effort.  You cannot delegate this to the Fraud Loss Prevention team.  Fighting fraud starts at the front end with the customer – your marketing and customer service departments.  Get them in on the action.

5. Fight the tendency to leverage the silos to fight fraud.  You have to bust the silos to effectively protect and deflect attempts at fraud.  This requires a focus on people, process and a technology platform that allows each team to be the subject matter experts for their line of business while also sharing important knowledge and leads that could avert fraud or detect it sooner.

6. Perform regular checks to ensure that essential controls are met.

7. Collect, analyze and share incident data across all lines of business and merge the thinking on physical and digital protection.  Financial crimes, insider threats, cybersecurity events or breaches of physical facilities can lead to fraud. The key is to create a rich information source that can drive fraud prevention and detection program effectiveness.

8. Without de-emphasizing prevention, focus on better and faster fraud detection through a blend of people, processes, and technology.

9. Don’t underestimate the tenacity of fraudsters and don’t rely solely on technology.  Yes, technology is an enabler, but organizations need to have an internal culture where collaboration and sharing information across dispersed departments is critical to fighting fraud.

10. Always be learning.  What can we learn from other organizations, previous breaches, other industries and law enforcement?

To join the conversation follow #counterfraud on twitter. For more information, visit

Related Stories:

Using Big Data to Stop Fraud in its Tracks

Follow IBM Smarter Planet on Google+

Bookmark and Share

Previous post

Next post

January 8, 2015
2:55 pm

Hi there outstanding website! Does running a blog such as this take a large amount of work? I’ve absolutely no expertise in computer programming but I was hoping to start my own blog soon. Anyhow, should you have any recommendations or techniques for new blog owners please share. I understand this is off subject but I just had to ask. Thanks!

Posted by: Romance Scammers
September 21, 2014
1:15 am

Excellent write-up. I definitely love this website.


Posted by:
September 2, 2014
5:10 am

You need lipid burning potential and activation of the metabolism so that it works the
most efficiently. The medications used for the injections and the oral drops are made
in unregulated nations, and the FDA does not approve of them.
The taste alone may be enough to keep you from wanting
to overeat.

Posted by: hcg weight loss Oral Drops
July 25, 2014
2:21 pm

There are those who don’t like the shopping experience.
Laughter, smiles and playfulness were the norm for his photos, but
it was not in fashion photography. Make room for your trendy new
wardrobe by going through your old clothes
and getting rid of unwanted clothes.

Posted by: pakistani boutique oscar dresses 2014
July 14, 2014
1:51 am

This includes the actual purchase price of the building, and most of the
closing and settlement expenses, such as Realtor’s fees, surveys, deed preparation, points, loan origination fees,
attorney fees, and appraisal fees. are in delhi, India
and want to eat south indian food then click here. Climate change is only part of our environmental
problems that will affect our world, the list goes on and all
will have an epic effect overall on the planet in a negative way.

It’s usually the landowner that just says yes to someone who
pulls up in the driveway and asks to hunt that
will regrets it later. Check classified ads, speak with store managers to volunteer to haul
away their “trash”, and watch for curb-side freebies
on trash day. The 10 key advantages of real estate investing in an apartment or Multi-Unit real
estate properties are:. Unfortunately, there are very few one size fits all risks for real estate investing, as
each type of investing is inherently different. Customers may enter
into long-term pricing contracts for wind to reduce the risk of future pricing changes,
thereby ensuring more stable returns for projects at the development stage.
Mushroom farming is among the top source of income of people in this region. In October, a joint venture of Kettler (as local
managing partner) and Cornerstone Real Estate Advisors (as institutional equity partner) sold
the 326-unit, 2004-vintage “Metropolitan at Pentagon Row” luxury apartment property to Equity
Residential, the large apartment REIT, for
around $100 million.

Posted by: aarp health insurance
July 8, 2014
1:36 pm

Luckily (or unluckily), my brush with hormonal acne didn’t
start until after I entered college–a problem which initiated my obsession with full coverage foundations
that ultimately made the problem worse. This makes them a
feasible option over chemically enhanced
skin care products. A wrinkle can be compared with a wound
to the skin.

Posted by: skin care product reviews
May 22, 2014
9:13 am

I found it quiet interesting, hopefully you will keep posting such type of nice blogs.Keep sharing.thanks.

Posted by: Marco Auto Locksmiths
1 Trackback
March 24, 2014
8:01 am

[…] Payton who previously served as the White House CIO for the Bush administration. In a Q and A with smarterplanet, she provided insight as to why the problem of fraud is significant and perhaps […]

Posted by: How to Combat Fraud and Financial Crimes ? IBM launches #CounterFraud Effort With Big Data and Analytics
Post a Comment