The average large company has close to 3,000 vendors. Payment fraud is the top risk to companies across the globe. Business email compromise is continually on the rise, and now attackers can use generative AI to refine their social engineering techniques.
We need FinSecOps, said Johnny Deutsch, co-founder and CEO of B2B payments protection company Creednz. FinSecOps “integrates security into the process of finance” and gives companies “their own internal controls” around onboarding vendors and conducting payment transactions with them. That is important, he said, since banks have zero percent liability when payment fraud occurs, and the business has 100% liability.
In this episode of CyberEd.io‘s podcast series “Cybersecurity Insights,” Deutsch discussed:
- The need for visibility into vendor master data and education about phishing and social engineering;
- Why email security gateways fail to catch true fraud;
- The “slow, piercing process” of losing trust that comes when payment fraud damages a business’s reputation.
Deutsch previously was CISO at Rivian Automotive and two other publicly traded companies. He led EY’s offensive cybersecurity services for a decade and spent seven years as the deputy CISO for the Israeli Ministry of Defense elite unit.