An analysis of security incidents on the Internet 1989-1995
An analysis of security incidents on the Internet 1989-1995
Technical opinion: Information system security management in the new millennium
Communications of the ACM
Why there aren't more information security research studies
Information and Management
The Value of Intrusion Detection Systems in Information Technology Security Architecture
Information Systems Research
Preventive and deterrent controls for software piracy
Journal of Management Information Systems
On Data Reliability Assessment in Accounting Information Systems
Information Systems Research
Is Information Security Under Control?: Investigating Quality in Information Security Management
IEEE Security and Privacy
Threats and countermeasures for information system security: A cross-industry study
Information and Management
Deterring internal information systems misuse
Communications of the ACM
Managing the false alarms: A framework for assurance and verification of surveillance monitoring
Information Systems Frontiers
An investigation of Zipf's Law for fraud detection (DSS#06-10-1826R(2))
Decision Support Systems
Intrusion Prevention in Information Systems: Reactive and Proactive Responses
Journal of Management Information Systems
Choice and Chance: A Conceptual Model of Paths to Information Security Compromise
Information Systems Research
Visualizing criminal relationships: comparison of a hyperbolic tree and a hierarchical list
Decision Support Systems
An outlier-based data association method for linking criminal incidents
Decision Support Systems - Special issue: Intelligence and security informatics
Fighting cybercrime: a review and the Taiwan experience
Decision Support Systems - Special issue: Intelligence and security informatics
Case study: Computer crime at CEFORMA: a case study
International Journal of Information Management: The Journal for Information Professionals
BizPro: Extracting and categorizing business intelligence factors from textual news articles
International Journal of Information Management: The Journal for Information Professionals
Hi-index | 0.00 |
Complex fraud, involving heightened offender knowledge of organizational processes, can be especially damaging to the firm. Much research has focused on technical, quantitative detection methods. This paper uses multidimensional scaling of empirical fraud event data from a large telecommunications firm to illustrate how technical and socio-technical fraud controls are used to detect fraud at varying levels of time exposure and dollar loss. The evidence suggests that technical controls only detect one third of fraud cases with zero time exposure and loss. More complex fraud is detected with a range of technical and socio-technical controls from inside and outside the firm. Interviews with twelve fraud managers and investigators are used to confirm the findings.