Paul Curwell

On 26 Jun 2024, Nicholas McTaggart and I wrote an article for The Strategist, a publication of the Australian Strategic Policy Institute). We explored how scams have evolved from being a nuisance to becoming a critical national security issue. These sophisticated operations exploit technology and human vulnerabilities, targeting individuals and organisations alike. From phishing schemes to supply chain compromises, the impacts are far-reaching, undermining trust in systems and draining economies.

In our view, governments and businesses must treat scams as more than a financial issue; they are a threat to resilience and security. A multi-pronged approach involving education, regulation, and technology is essential to combat this escalating challenge.

If you want to read the full article on The Strategist, head to Scams are now a national security issue

Further Reading

• Curwell, P. and McTaggart, N. (2024). Scams are now a national security issue, The Strategist, Australian Strategic Policy Institute, Canberra, Australia, https://www.aspistrategist.org.au/scams-are-now-a-national-security-issue/

DISCLAIMER: All information presented on PaulCurwell.com is intended for general information purposes only. The content of PaulCurwell.com should not be considered legal or any other form of advice or opinion on any specific facts or circumstances. Readers should consult their own advisers experts or lawyers on any specific questions they may have. Any reliance placed upon PaulCurwell.com is strictly at the reader’s own risk. The views expressed by the authors are entirely their own and do not represent the views of, nor are they endorsed by, their respective employers. Refer here for full disclaimer.

Paul Curwell

Who isn’t, right? It’s time to get smart about security risk assessments.

Yes, those pesky assessments that sound boring but are actually your best friend in dodging scams.

1. Step one: map out your company’s email flow. Who’s sending what to whom? Knowing this helps you spot anomalies. If Bob from accounting suddenly asks for a wire transfer, you’ll know something’s up—especially since Bob’s been on vacation for two weeks.
2. Next, scrutinize your email security settings. Is your spam filter set to “catch-all-the-junk” mode? Great! But is it also catching important emails? Not so great. Adjust those settings to filter effectively without blocking legitimate business.
3. Oh, and let’s not forget about multi-factor authentication (MFA). Yes, it’s an extra step, but it’s a step that can save your bacon. MFA ensures that even if a scammer gets your password, they still need a second form of verification. It’s like having a bouncer for your email.

Train your staff. Regularly. If your employees can’t spot a phishing email from a mile away, you’re in trouble.

Use simulated attacks to keep everyone on their toes: Trust me, it’s worth the effort!

Lastly, always verify before you trust.

Got an urgent email from the CEO asking for funds? Pick up the phone and double-check.

It might just save your business from a costly mistake.

So, there you have it. Conducting a security risk assessment isn’t just a good idea—it’s essential. Keep those scammers at bay and protect your hard-earned money.