Technology officers have had to throw out their existing playbooks post-pandemic when it comes to fighting fraud, says Sudheer Prem, CTO of Minneapolis-based Kevari. He spoke with StrategicCIO360 about the changes, how to handle them and the new spotlight on IT.
How did the immediate shift to remote work impact CIOs’ ability to mitigate fraud within their organizations?
Before Covid, the vast majority of security and fraud controls were centralized in the office, and budgets, systems and technology were designed to support those controls. But today, with the increased remote workforce, CIOs need to deal with hundreds or even thousands of different systems, networks, processes and technology while still working to protect against fraud. So in many ways, the impacts of the pandemic forced many CIOs and organizations to throw out their playbook and come up with a whole new way of approaching fraud mitigation.
In a matter of days, the vast majority of the workforce shifted to working remotely, and that created instantaneous security and fraud challenges CIOs hadn’t even imagined, tied to both technology limitations and people’s behaviors. Employees are now logging on using far less secure systems than the centralized ones we’ve spent millions of dollars and resources building and perfecting, which makes them easier targets.
For example, employees working from anywhere such as in a coffee shop or even in a private home can be targeted by eavesdroppers listening in on a conversation containing sensitive information. The tech community has responded by quickly developing technologies and introducing new policies and processes to combat and prevent this type of risk.
How is this shift impacting CIOs in the industry you primarily serve, banks and financial institutions?
This shift has created a massive change in the way small and medium-sized financial institutions work to know their customers. Before Covid, banks often tried to get their customers to come into the branch to conduct their banking business, and that alone was a significant hurdle for fraudsters to overcome. But during Covid and beyond, in-branch visits slowed to a standstill and the banks have been compelled to support nearly every type of customer interaction online without a lot of planning and preparation.
In my company Kevari’s fraud-protection work with financial institutions, we’re seeing a tremendous increase in the velocity of transactions—the number of new online accounts being opened during the pandemic has been exponential. And fraudsters are changing the way they work to exploit the new opportunities an online world has provided.
Regardless of whether the barrage of new-account openings are criminals attempting to set up fraudulent accounts or legitimate customers, the larger volume of online activity is demanding more attention and resources than ever before from an IT and security standpoint. We’re working with new customers, new employees and new processes. CIOs in the financial space have had to innovate and keep pace with the fast-moving environment.
It’s a massive shift that’s apparent in banking, but also with organizations across industries. Today, technology is more often the face of an organization. There are very few boundaries between a company’s technology and the end user. Bank tellers, for instance, were the intermediaries between the customer and the technology infrastructure. That’s simply not the case anymore. And it’s both a critical challenge and an amazing opportunity.
In part because IT is more and more decentralized, how have CEOs and CIOs responded to the new reality?
With a renewed post-Covid spotlight on IT, the role of the CIO is more visible than ever before. The fact that CEOs and other leaders are more aware of our role does provide more scrutiny on what we’re doing, especially around fraud. This, too, provides both challenges and opportunities.
I’m part of a peer group of about 30 senior technology leaders across the country—running the gamut from security architects to compliance officers to consultants for both small and massive organizations—and this new reality is a constant topic of discussion. We do recognize the opportunity: It’s a chance to stretch our muscles, and in many cases completely reimagine our approach to IT.
Finding new avenues to problem-solve is extremely rewarding. And at the same time, we know we’re often working to address challenges we’ve never dealt with before, and our success or failure is often tied to our companies’ ability to accommodate this whole new way of working. It’s a lot to shoulder, but the peers I speak with are up to the challenge.
In addition to creating new technology solutions to mitigate these new dangers, organizations must continue to integrate their tech teams into every aspect of their operations, and remove boundaries across the board, from fraud-protection to employee training to customer service. It’s all more connected than ever before.
