- Kroll Report Finds Fraud, Cyber-Attacks Increased in 2016
- Fraud Increased in 2016
- The Impact of Fraud Varies
- Ransomware not as Prevalent as Viruses
- Software Vulnerabilities Enable Attacks
- Insiders are a Risk
- U.S. Companies Likely to Contact IT Service Vendor After a Breach
- Most Organizations Already Have Risk Mitigation Policies
Kroll Report Finds Fraud, Cyber-Attacks Increased in 2016

The Kroll Global Fraud and Risk Report for 2016 shows that cyber-fraud incidents increased during 2016, though not all the news was bad.
Fraud Increased in 2016

According to the Kroll Global Fraud and Risk Report, fraud has been increasing steadily since 2012. For 2016, 82 percent of survey respondents reported experiencing fraud, up from 75 percent in 2015.
The Impact of Fraud Varies

The majority (87 percent) of respondents indicated that fraud losses represented less than 3 percent of revenues in 2016. However, 3 percent of respondents noted that fraud losses represented 7 percent to 10 percent of revenue.
Ransomware not as Prevalent as Viruses

While ransomware has been cited by multiple other 2016 security reports as a growing trend, the Kroll report found that only 13 percent of respondents suffered a ransomware attack in 2016. In contrast, 33 percent identified “virus/worm infestation” as a cyber-incident they experienced in the past 12 months.
Software Vulnerabilities Enable Attacks

Cyber-attacks can be enabled by many different factors and events. The leading reason cited by the Kroll report was software vulnerabilities (26 percent).
Insiders are a Risk

For those companies reporting being the victim of a cyber-attack or information loss incident in 2016, employees were identified as primary perpetrators. Ex-employees were identified as the main cause by 20 percent of respondents, while 14 percent cited freelance or temporary employees as being the perpetrators of a cyber-event.
U.S. Companies Likely to Contact IT Service Vendor After a Breach

The Kroll report is a global study, with many of the statistics for the United States almost mirroring worldwide numbers. One area that differs, however, is the entity most commonly contacted following a cyber-incident. In the United States, 43 percent of respondents said they would contact an IT service vendor, while the global number is only 27 percent.
Most Organizations Already Have Risk Mitigation Policies

Though fraud is on the rise, the report has some positive findings, including the fact that 80 percent of respondents have developed and implemented security policies and procedures at their organizations.


