Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1.

Published byJesse Hill Modified over 8 years ago

Similar presentations

Presentation on theme: "Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1."— Presentation transcript:

1 Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1

2 Today’s Discussion By the numbers Practical next steps Lessons from the fire service 2

3 Today’s Discussion Lessons from the fire service Practical next steps By the numbers 3

4 2012 2013 2014 2015 IRS Aus. Img. Dept US Office Of Personnel Mgmt [2 nd Breach] US Office Of Personnel Mgmt Calif Dept of Child Svcs Florida Dept of Juv Justice Florida Courts Kissinger Cables Medicaid Office of The Texas Attorney General Washington Court System South African Police Greek Government Government Data Breaches Since 2012: Selected losses of 30,000+ records Source: informationisbeautiful.net. 4

5 “The South Carolina Department of Revenue data breach in 2012 exposed 3.6 million Social Security numbers to hackers.” -Government Technology 5

6 “Names, birth dates, Social Security numbers, and other personally identifiable information belonging to about 850,000 job seekers in Oregon was exposed after hackers gained illegal access to a database containing information at the State Employment Department.” -Information Week 6

7 “The personal data of an estimated 18 million current, former and prospective federal employees were affected by a cyber breach at the Office of Personnel Management.” -CNN 7

8 “Medicaid Suffers Massive $33M in Fraud in at Least 4 US States.” -Sputnik International 8

9 94M Government Records Since 2009 58 days between discovery and disclosure $201 per record breached $5.8M per breach Sources: “Rapid7 Report: Data Breaches in the Government Sector.” Rapid7. September 6, 2012. 2014 Cost of Data Breach Study, Ponemon Institute, Navigant Breach Report, March 2014. 9

10 Small & Medium Sized States… Large States… ~15M per month attacks ~10M per day attacks Source: NASCIO. Conveyed at the 2015 NASBO Annual Conference. 10

11 Less than half of all data breaches are due to malicious attacks 44% 31% 25% malicious attacks human error system glitches Source: 2014 Cost of Data Breach Study, Ponemon Institute, Navigant Breach Report, March 2014. 11

12 Today’s Discussion Practical next steps By the numbers Lessons from the fire service 12

13 24 65 30 every… a fire department responds to a fire one structure fire is reported one civilian fire injury is reported seconds seconds minutes Source: National Fire Protection Agency 13

14 1980Today Source: Michael J. Kartner. Fire Loss in the United States. 734,000 home fires 370,000 home fires 5,200 fire deaths 2,520 fire deaths 14

15 Q: How was the fire service able to achieve over a 50% decrease in each of these important areas? 15

16 AdequateFundingAdequateFundingExecutiveSupportExecutiveSupportModernTechnologyModernTechnology Visibility & Influence Influence Governance & Authority AuthorityFireProfessionalsFireProfessionals A: Through vigilant and deliberate action across the fire service. 16

17 AdequateFundingAdequateFundingExecutiveSupportExecutiveSupportModernTechnologyModernTechnology Visibility & Influence Influence Governance & Authority Authority Fire Security Professionals Professionals States face a lack of [sic] as it relates to cybersecurity and fraud prevention… States face a lack of [sic] as it relates to cybersecurity and fraud prevention… Source: NASCIO State CIO Survey, 2014. 17

18 Today’s Discussion By the numbers Lessons from the fire service Practical next steps 18

19 Have a plan – A call to action from the NGA Have a plan – A call to action from the NGA Establish a governance and authority structure Conduct risk assessments and allocate resources accordingly Implement continuous vulnerability assessments Create a culture of risk awareness 19

20 Stop looking in the rear view mirror. Continuous Diagnostics & Monitoring tools can help. 20

21 “Too little attention has been placed on continuous controls monitoring by chief financial officers, internal auditors, and corporate risk management and compliance leaders… CCM solutions can increase operational efficiency for critical financial processes, reduce fraud and improve financial governance resulting in a substantial return on investment.” “Too little attention has been placed on continuous controls monitoring by chief financial officers, internal auditors, and corporate risk management and compliance leaders… CCM solutions can increase operational efficiency for critical financial processes, reduce fraud and improve financial governance resulting in a substantial return on investment.” 21

22 Techniques for detecting and preventing fraud. Rules Based Analytics & Known Patterns Data Science & Predictive Analytics 22

23 Address the talent crisis. Hire the right professionals Collaborate with HR and define career paths Collaborate with HR and define career paths Provide training and development for professionals 23

24 All four layers of controls must be monitored across processes. 24

25 Establish a fraud prevention framework. 25

26 Questions? 26

Download ppt "Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1."

Similar presentations

Cybersecurity Update December 5, 2012. Agenda Cybersecurity – A growing problem Cybersecurity in other states (NASCIO/Deloitte Study) Structure Challenges.

Cybersecurity Update December 5, Agenda Cybersecurity – A growing problem Cybersecurity in other states (NASCIO/Deloitte Study) Structure Challenges.
OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.

OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.
EXTERNAL Corruption Prevention NetworkJuly 2007Fraud Control Planning Tax Office Fraud Control Planning: Tools and Techniques PRESENTED BY: Annalissa Hilton.

EXTERNAL Corruption Prevention NetworkJuly 2007Fraud Control Planning Tax Office Fraud Control Planning: Tools and Techniques PRESENTED BY: Annalissa Hilton.
The importance of a Compliance program is to ensure that our agency meets the highest possible standards for all relevant federal, state and local regulations,

The importance of a Compliance program is to ensure that our agency meets the highest possible standards for all relevant federal, state and local regulations,
COMPLIANCE AND INTEGRITY IN GOVERNMENT AND NON-PROFIT ORGANIZATIONS Michael E. Nawrocki, CPA Managing Partner Nawrocki Smith LLP, CPA’s Historical Perspective.

COMPLIANCE AND INTEGRITY IN GOVERNMENT AND NON-PROFIT ORGANIZATIONS Michael E. Nawrocki, CPA Managing Partner Nawrocki Smith LLP, CPA’s Historical Perspective.
Assessing the impact of an aging workforce across global organizations.

Assessing the impact of an aging workforce across global organizations.
Understanding & Managing Risk

Understanding & Managing Risk
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
Managing Fraud Risk in Government 2015 IIA District Conference March 10, 2015 David A. King, CPA, CFE – Director, Special Investigations North Carolina.

Managing Fraud Risk in Government 2015 IIA District Conference March 10, 2015 David A. King, CPA, CFE – Director, Special Investigations North Carolina.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Managing Fraud Risk in Higher Education 2014 UNC Fall Controller's Workshop November 10, 2014 David A. King, CPA, CFE – Director, Special Investigations.

Managing Fraud Risk in Higher Education 2014 UNC Fall Controller's Workshop November 10, 2014 David A. King, CPA, CFE – Director, Special Investigations.
Assessing Your Organizational Span of Control State Classification Office, September 2003.

Assessing Your Organizational Span of Control State Classification Office, September 2003.
Accessibility, Integrity, & Confidentiality: Security Challenges for E-Business Rodney J. Petersen University of Maryland & Educause/Internet2 Security.

Accessibility, Integrity, & Confidentiality: Security Challenges for E-Business Rodney J. Petersen University of Maryland & Educause/Internet2 Security.
Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.

Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.
Why Information Governance….instead of Records & Information Management? Angela Fares, RHIA, CRM, CISA, CGEIT, CRISC, CISM 817.352.4929 or

Why Information Governance….instead of Records & Information Management? Angela Fares, RHIA, CRM, CISA, CGEIT, CRISC, CISM or
 Jonathan Trull, Deputy State Auditor, Colorado Office of the State Auditor  Travis Schack, Colorado’s Information Security Officer  Chris Ingram,

 Jonathan Trull, Deputy State Auditor, Colorado Office of the State Auditor  Travis Schack, Colorado’s Information Security Officer  Chris Ingram,
IT Project Management in Virginia IT Project Management Audits in Virginia _____________________________________ NSAA IT Conference.

IT Project Management in Virginia IT Project Management Audits in Virginia _____________________________________ NSAA IT Conference.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
The purpose and role of an audit committee Neeta Major Chief Internal Auditor.

The purpose and role of an audit committee Neeta Major Chief Internal Auditor.
Page 1 Keep Your Company Out of the Media Workshop Rachel Verdugo March 23, 2011 Reno, Nevada Protect and Control Your Data.

Page 1 Keep Your Company Out of the Media Workshop Rachel Verdugo March 23, 2011 Reno, Nevada Protect and Control Your Data.

Similar presentations

Ads by Google