(March 29 09:55 ET) – Corporate executives may be unaware of the internal threat to their network systems, according to a new global survey on E-Fraud conducted by KPMG.

The survey found that 92% of CEOs, CIOs and other senior management from public and private companies in Canada conceded that a breach in their e-commerce system would most likely be perpetrated through the Internet or other external access. Globally, the expectation was 79%.

The greatest risk is from internal perpetrators, says KPMG.”Most security breaches are committed by individuals who possess intimate knowledge of the systems they are attacking,” said Norman Inkster, president of KPMG Investigation and Security Inc. in Canada and chair of KPMG’s International Forensic Accounting Committee. “If senior management understood that, they might handle their security issues very differently.”

Survey participants identified hackers, poor implementation of security policies and lack of employee awareness as the greatest areas of threat to their e-commerce systems.

However, KPMG says that it is more likely that disgruntled or former employees or external service providers who have an established relationship with the company may commit the breach, or may supply the information necessary to do so to someone else.

The survey also found that companies are failing to put in place policies that could prevent and help prosecute e-commerce fraud.

Only 45% of Canadian executives surveyed said that security audits are performed on their e-commerce systems. Only half of the respondents have incident response procedures in place for when they do discover a breach.
-IE Staff