What I learned as an internal fraud investigator?

I switched jobs on May 1, 2022, and now work as a Chief Development Architect Security returning to my old strengths.

The time as a manager of an Internal Investigations Team investigating cases of fraud, corruption and bribery went by in a whim. If you stretch your mind a little bit, you could still state that this is a security topic. But I am not here to debate this.

What did I learn from my time in internal investigations?

I took away three things:

1. Anything that can be thought, can and will be tried.

2. The Fraud Triangle: to conduct fraud one needs motivation, rationalisation and most important opportunity!

And 3. and this really helps in discussions with security engineers who question that they have to fix a security vulnerability by asking: “Why would anybody exploit this?”

Any guesses anybody?

The single most frequent answer that team members and myself received when we asked an alleged employee: “Why did you do this?”, was:

“Because I can!”

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Gerlinde

If you don't have a challenge, you cannot advance – like in the challenge-response protocol :-)