Bot Detection

Beat Bad Bots by Building Cross-Functional Bonds

October, 6, 20225 min Read

Organizational silos hurt businesses by hampering coordinated sales and marketing efforts. Data that sits in business units and systems that don’t “talk” to each other means businesses don’t operate efficiently and results in manual processes. 

Organizational silos also hamper cybersecurity efforts. Today’s coordinated, sophisticated bot attacks target many parts of a business; without coordinated cybersecurity efforts these can be impossible to detect and stop before massive damage is done. 

Adversaries can exploit the walls that separate the CISO organization, the fraud function, and their business unit partners, whether deliberately or by chance. Businesses must be coordinated, innovative and agile to keep up with volatile and complex bots. Businesses’ internal fraud units, business units (who own P/L), product development, and security teams must work in concert to collect and analyze data points in order to track, detect, and stop these bots as soon as they appear. As bot attacks get more sophisticated, so too must the defenses used to stop them.

It’s no surprise then that 94% of respondents in an Aite-Novarica survey said they were actively pursuing increased financial crime convergence across the organization. But only 44% said they share some monitoring and detection platforms and tools, and only 17% say they share tools across fraud and cybersecurity, meaning more work has to be done. 

Build Bonds to Beat Bots

Companies that focus on organizational communications as a key to their approach to cybersecurity can build bonds across the organization to fight off advanced bot attacks. In fact, many companies worldwide are considering “decentralizing” security. In some cases, individual lines of business have their own CISO (often referred to as the BCISO), with the organizational CISO coordinating efforts. 

Cybersecurity must be baked into every aspect of the business in order to effectively stop attacks. In the past, the CISO and his team were called to simply put out fires or “plug the holes'' in security. No longer. Now, cybersecurity is a strategic business initiative. It’s not simply about patching endpoints, but a wide-ranging discipline that works across the organization and effectively aligns with third-party vendors and customers.

When security is done right, it’s coordinated with DevOps, sales, marketing and other aspects of the business. Companies should get comfortable with the idea of security teams spread throughout the organization and fully integrated with lines of business.

Cybersecurity Must Work with Business Units

Of course, a fact of life is that line of business heads will not want to implement a new cybersecurity solution that impacts the customer experience or customer conversion. We’re hearing about cases in which business heads have veto power over the implementation of security technology if the customer experience could be damaged. This is another reason why cybersecurity must be aligned with the wider business goals of the organization. 

For example, imagine a head of fraud at a large eCommerce merchant who wants to implement solutions to prevent malicious bots from wreaking havoc on the website. This head of fraud must work with the heads of eCommerce or sales to ensure the solutions do not impact the overall customer journey.

No one wants to roll out a new feature or functionality that may be prone to be exploited by criminals. At the same time, cybersecurity needs to notify business units about potential changes or new tools being brought on board and get buy-in. 

Organizations are beginning to realize that better cross-functional communication about cybersecurity strategy means more business efficiency – yielding higher revenue, lower malicious bot-related fraud losses and, potentially, lower operating costs. 

Case Study: A Fintech Sees a 75% Drop in ATOs

Here’s a telling example about a neo-bank. Prior to becoming one of our fintech customers, it was losing about $100,000 a week in costs associated with massive bot attacks that were perpetrating credential stuffing attacks. Its SOC was absolutely inundated with 30,000 failed login attempts per week. It had been using reCAPTCHA, which just couldn’t keep up against very sophisticated bot attacks. After deploying our solutions, it recognized a 75 percent drop in account takeover attempts and slashed compromised account costs. A big part of the success was due to communication. The fintech created a cross-functional committee with representation from the business, product, fraud, risk, and cybersecurity to discuss, learn from one another, and collectively decide on the best path forward that would keep the company safe. It ended up stopping the bad actors while letting in even more legitimate consumers - a real win-win. 

Data Sharing: The Key to Successful Cybersecurity

Typically, communications, touch points, and referrals, as well as escalation protocols, within organizations tend to be informal, ad hoc, or event-driven. While this is changing, and organizations are becoming more aligned on cybersecurity, there is still work to be done. 

The ability to analyze data in real time is of vital importance. Businesses need to see a real-time view of data across organizations to be able to detect and identify potentially suspicious patterns of activity. 

Sharing data, information, and intelligence is the key to a successful cybersecurity strategy. This is especially crucial as data becomes decentralized. Company’s now share data with business partners, they move data to public and private clouds, and data centers may be located in geographies worldwide. Only with strong coordination and communication across teams, including strategic business partners, can companies ensure they are protected against malicious and sophisticated bot attacks.