By Dan Ayoub, Senior Director Analyst at Gartner
Organizations worldwide are beginning to merge teams, tools and processes used by cybersecurity and fraud prevention teams to break down operational silos and create a more comprehensive approach to combating online fraud.
Gartner predicts by 2028, 20% of large enterprises will shift to cyber-fraud fusion teams to combat internal and external adversaries targeting the organization, up from less than 5% today.
Product leaders must prepare now to lead this shift by building long-term roadmaps to account for the merging of cybersecurity and fraud prevention teams by expanding beyond traditional online fraud detection (OFD) market offerings.
What Is Cyber Fraud Fusion?
Cyber-fraud fusion is an emerging trend in online fraud prevention that combines cyberthreat intelligence, identity and access management, information security and fraud operations and tools, tactics and procedures (TTPs). For more than a decade, many of these teams have traditionally operated in silos. However, mature organizations with established cybersecurity and fraud prevention teams have begun merging resources and budgets toward a unified strategy that leverages the synergies between the two areas for greater effectiveness. Gartner expects cyber-fraud fusion as a trend to reach early majority adoption by 2028.
Future Of Cyber Fraud Fusion
Cyber-fraud fusion centers are the future of fraud fighting and will be part of the strategic direction of this industry over the next five to seven years. Many organizations are beginning to recognize the merits of treating online fraud incidents (such as account takeover and bot mitigation) as security issues.
Combining cyberthreat intelligence with information security and fraud prevention teams, systems, and processes creates the holistic view needed to effectively combat modern threats. Leading-edge organizations are looking across their entire technology stacks to create a defense in-depth framework that creates an overlapping hybrid approach.
Gartner has noted an increasing number of products and services that cross-pollinate between the online fraud prevention and cybersecurity markets. Product categories that were initially introduced for the cybersecurity market (B2B use cases) are now finding increased traction in online fraud prevention (B2C use cases) and vice versa. Gartner has also witnessed several organizations investing in new systems that interface with existing online fraud detection (OFD) platforms to create the ability to examine the TTPs utilized by adversaries in carrying out specific scams.
When it comes to budgets, most large organizations have traditionally kept budgets aligned to buying centers. However, Gartner fully expects cybersecurity and fraud prevention budgets to be combined as stakeholders and teams using these tools become more closely aligned.
Implications And Recommendations for Product Leaders
As this trend continues to gain momentum, mature organizations will increasingly seek out vendors that have comprehensive product portfolios capable of addressing a large volume of cyberfraud threats across their entire technology footprint. Addressing this need, product leaders must align business strategies and long-term roadmaps to include products and services that are considered outside the bounds of what OFD typically covers currently.
In the near future, product leaders must invest in complementary capabilities such as sharing analytics, telemetry data and suspicious incidents across systems and platforms with a high degree of autonomy and accuracy in real time. They must expand beyond traditional OFD market offerings to layer in highly complementary products, services and intelligence that large customers are already using.
Finally, a comprehensive online fraud prevention playbook must be developed for existing offerings that includes support for cyberthreat intelligence and cybersecurity TTPs as part of a layered defense. Product leaders must consider strategic partnerships and mergers & acquisitions (M&As) to fill in the gaps.
Additional analysis on cybersecurity and risk management will be presented during Gartner Security & Risk Management Summit 2024 in Dubai, February 12-13.