{"id":199218,"date":"2021-11-24T17:57:13","date_gmt":"2021-11-24T17:57:13","guid":{"rendered":"https:\/\/bm.dev.synology.me\/?p=199218"},"modified":"2021-11-24T17:57:13","modified_gmt":"2021-11-24T17:57:13","slug":"corporate-intelligence-munca-de-acasa-expune-50-dintre-companiile-din-romania-la-atacuri-din-partea-hackerilor-si-la-fraude-din-partea-angajatilor","status":"publish","type":"post","link":"https:\/\/bm.dev.synology.me\/?p=199218","title":{"rendered":"Corporate Intelligence: Munca de acas\u0103 expune 50% dintre companiile din Rom\u00e2nia la atacuri din partea hackerilor \u015fi la fraude din partea angaja\u0163ilor"},"content":{"rendered":"<p>\nOdat\u0103 cu debutul pandemiei \u00een Rom\u00e2nia, confrunt\u00e2ndu-se cu noi vulnerabilit\u0103\u0163i, inexistente p\u00e2n\u0103 la acel moment, companiile au c\u0103utat s\u0103 ia rapid m\u0103suri \u00een vederea adapt\u0103rii la noua realitate \u015fi s\u0103 investeasc\u0103 \u00een \u00eembun\u0103t\u0103\u0163irea sistemelor de securitate, pentru a asigura continuitatea activit\u0103\u0163ii \u00een condi\u0163iile muncii de acas\u0103 \u015fi \u00een sistem hibrid. \u00cen consecin\u0163\u0103, \u00een ultimii doi ani, aproximativ 40% din companiile din Rom\u00e2nia \u015fi-au \u00eembun\u0103t\u0103\u0163it sau sunt \u00een proces de a-\u015fi \u00eembun\u0103t\u0103\u0163i sistemele de protec\u0163ie \u00eempotriva fraudelor ocupa\u0163ionale, \u00een condi\u0163iile \u00een care una din dou\u0103 organiza\u0163ii, indiferent de sectorul de activitate, a sesizat sau acuzat cazuri crescute de fraud\u0103 intern\u0103 sau din exterior de la \u00eenceputul pandemiei, potrivit unei analize realizate de Corporate Intelligence Agency, companie de management al riscului dedicat\u0103 mediului de afaceri.<\/p>\n<p>\nExperien\u0163a ultimilor doi ani a demonstrat riscurile muncii de acas\u0103 \u015fi hibrid, printre practicile adoptate care vulnerabilizeaz\u0103 companiile fiind: contracte \u00eencheiate pe diferite sisteme de mesagerie (\u00eentr-unul dintre cazurile aduse \u00een aten\u0163ia Corporate Intelligence Agency, o companie a fost astfel prejudiciat\u0103 cu peste 250.000 de euro); dezv\u0103luirea de date sensibile \u00een e-mailuri private, nesecurizate, folosite de hackeri pentru opera\u0163iuni de ransomware sau chiar atacurile tip audio deepfake (\u00eentr-unul dintre cazurile Corporate Intelligence Agency, s-a \u00eencercat autorizarea unui transfer de 1 milion de euro printr-o \u00eenregistrare de voce falsificat\u0103 a unui partener vechi); fraude comise de angaja\u0163i, precum \u00eensu\u015firea de baze de date, coresponden\u0163\u0103 \u015fi tehnologie, dar \u015fi furtul de timp, cu angaja\u0163i conecta\u0163i la sistemele companiei ce desf\u0103\u015foar\u0103, \u00eens\u0103, alte activit\u0103\u0163i.<\/p>\n<p>\nOdat\u0103 cu impunerea ca norm\u0103 a lucrului de acas\u0103, \u00een multe dintre companiile din Rom\u00e2nia, fenomenul infrac\u0163ional a crescut cu circa 40% \u00een privin\u0163a cazurilor de fraud\u0103 per ansamblu. O parte dintre acestea reprezint\u0103 infrac\u0163iuni din interior ce pot fi depistate chiar de angajator, \u00eens\u0103, \u00een paralel cu cre\u015fterea cazurilor de fraud\u0103, este evident\u0103 \u015fi o sl\u0103bire propor\u0163ional\u0103 a mecanismelor de protec\u0163ie \u2013 \u00een special, din cauza restric\u0163iilor impuse \u00een pandemie \u015fi de investigare efectiv\u0103 a acestor cazuri.<\/p>\n<p>\n\u201e\u00cen mediul de business rom\u00e2nesc, cu mici excep\u0163ii, lipse\u015fte cultura preven\u0163iei, companiile av\u00e2nd un comportament reactiv. Abia c\u00e2nd se \u00eent\u00e2mpl\u0103 ceva, organiza\u0163iile devin preocupate de investi\u0163ii \u00een procese \/ proceduri \u015fi sisteme care s\u0103 le permit\u0103 continuarea activit\u0103\u0163ii. Pentru a-\u015fi continua dezvoltarea \u00een astfel de perioade, liderii din companii trebuie s\u0103 \u00ee\u015fi adapteze mentalitatea de business \u015fi la situa\u0163ii de criz\u0103 \u015fi s\u0103 investeasc\u0103 \u00een sisteme de preven\u0163ie, control \u015fi preg\u0103tirea angaja\u0163ilor pentru adaptarea la condi\u0163ii excep\u0163ionale de lucru. Iar WFH este un caz clar de amenin\u0163are asimetric\u0103 la adresa integrit\u0103\u0163ii opera\u0163iunilor de business\u201d, spune Gabriel Zgunea, CEO Corporate Intelligence Agency.<\/p>\n<p>\n<strong>Cum pot companiile s\u0103 \u00ee\u015fi reduc\u0103 vulnerabilit\u0103\u0163ile<\/strong><\/p>\n<p>\nPentru a preveni \u015fi depista cazurile de fraud\u0103, companiile trebuie s\u0103 investeasc\u0103 \u00een personal specializat, cu competen\u0163e \u00een perfec\u0163ionarea sistemelor de compliance \u015fi securitate a datelor, respectiv a sistemelor informatice. O cre\u015ftere minim\u0103 de circa 30% a bugetului dedicat acestui aspect poate fi suficient\u0103 pentru a limita poten\u0163ialul de fraud\u0103 intern\u0103 \u00een organiza\u0163ii.<\/p>\n<p>\nLa nivel general, pentru a limita vulnerabilit\u0103\u0163ile asociate lucrului la distan\u0163\u0103 \u015fi \u00een sistem hibrid, companiile trebuie s\u0103 fac\u0103 o analiz\u0103 a noilor riscuri \u015fi realit\u0103\u0163i, s\u0103 \u00ee\u015fi adapteze \u015fi \u00eembun\u0103t\u0103\u0163easc\u0103 sistemele de securitate (prin criptarea datelor \u015fi implementarea de filtre de autorizare\/acces, spre exemplu), dar \u015fi s\u0103 implementeze noi proceduri, teste \u015fi scenarii de lucru, dup\u0103 sesiuni de preg\u0103tire cu companii specializate \u00een preven\u0163ia de risc, care indic\u0103 \u00een mod specific zonele deosebit de expuse \u015fi unde este de a\u015fteptat s\u0103 creasc\u0103 num\u0103rul de cazuri de fraud\u0103.<\/p>\n<p>\nControlul aleatoriu asupra activit\u0103\u0163ii angaja\u0163ilor din partea angajatorului, dar \u015fi analize de cunoa\u015ftere comportamental\u0103 \u015fi testele de integritate \u015fi de testare inclina\u0163iei c\u0103tre fraud\u0103&nbsp; trebuie asumate ca proceduri s\u0103n\u0103toase \u015fi fire\u015fti \u00een organiza\u0163ie. \u201eEste o abordare foarte riscant\u0103 din partea unei companii s\u0103 nu exercite func\u0163ia de control din ra\u0163iuni de menajare a confortului psihic a angajatului sau care \u0163in de cultura organiza\u0163ional\u0103, dac\u0103 exist\u0103 suficiente semnale care indic\u0103 o posibil\u0103 fraud\u0103\u201d, spune Dan Rusu, senior partner Corporate Intelligence Agency.<\/p>\n<p>\nDe la \u00eenceputul pandemiei, au existat companii, mai ales multina\u0163ionale, care aveau deja implementate proceduri de BCP (business continuity plan) \u015fi au avut o trecere f\u0103r\u0103 sincope la sistemele work from home (WFH) \u015fi hibrid, \u00eens\u0103 majoritatea companiilor au fost complet surprinse de implica\u0163iile derivate din starea general\u0103 de lockdown. Organiza\u0163iile care investesc \u00een preven\u0163ie, at\u00e2t \u00een sisteme, c\u00e2t \u015fi \u00een traininguri pentru angaja\u0163i, vor beneficia de un grad mare de flexibilitate \u00een adaptarea \u00een siguran\u0163\u0103 la noua realitate din lumea muncii.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Odat\u0103 cu debutul pandemiei \u00een Rom\u00e2nia, confrunt\u00e2ndu-se cu noi vulnerabilit\u0103\u0163i, inexistente p\u00e2n\u0103 la acel moment, companiile au c\u0103utat s\u0103 ia rapid m\u0103suri \u00een vederea adapt\u0103rii la noua realitate \u015fi s\u0103 investeasc\u0103 \u00een \u00eembun\u0103t\u0103\u0163irea sistemelor de securitate, pentru a asigura continuitatea activit\u0103\u0163ii \u00een condi\u0163iile muncii de acas\u0103 \u015fi \u00een sistem hibrid. \u00cen consecin\u0163\u0103, \u00een ultimii doi [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[510],"tags":[15188,201,26707],"class_list":["post-199218","post","type-post","status-publish","format-standard","hentry","category-actualitate","tag-cazuri","tag-companii","tag-fraudare"],"_links":{"self":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/199218","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=199218"}],"version-history":[{"count":0,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/199218\/revisions"}],"wp:attachment":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=199218"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=199218"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=199218"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}