Forging government resilience against fraud, waste and abuse

Fraud, waste and abuse (FWA) is a severe, costly reality that has persisted to a level many governments simply cannot afford. In recent years, FWA has been adapted for more widespread exploitation that has only expanded with the aid of historic events like the COVID-19 pandemic; case in point, in a 2023 Reuters survey, respondents’ confidence in their ability to prevent FWA has dropped to 59%. Bearing this lack of confidence in mind, the ultimate challenge lies in a lack of understanding of the root cause of FWA. Government officials underestimate the role that organized crime plays in fostering fraud. Only by understanding the cause of these issues can we identify ways to overcome them and forge true cyber resilience.

How did we get here and how do we bounce back?

Attributing FWA to organized crime can sound like just another way to point fingers at forces outside of our government’s control, but it’s situations like the pandemic – where our visibility into monitoring fraud was significantly impaired – that nation-state threat actors see the most opportunity. For example, during the pandemic, unemployment insurance benefits fraud cost 22 states an estimated total of $59.1 billion. Moreover, the urgency in sending out stimulus checks for U.S. citizens made it very challenging to provide the attention needed to see the funds through to delivery, thus allowing criminals to take advantage and intercept freely.

Identifying fraud and stopping it at its origins is a tale as old as time, and it’s costing the country far more money than we can keep up with. As fraud continues to rise in sophistication, a solution emerges: State and local agencies must join forces and change the mindset on fraud and abuse altogether.

Seeing this issue from a new lens requires rehashing our perspective entirely. Fraud is no longer solely a problem for fraud departments and the certified fraud investigators that look at each individual claim, but something on which investigators and cybersecurity teams should partner to examine the metadata associated with the claim and assess the risk probability. Understanding fraud as a vehicle driven by organized cybersecurity threat groups will empower our government to fight against the threats and global adversaries infiltrating our government systems. Transforming these efforts empowers officials to build program integrity and resilience for what they have been entrusted to defend.

The solution

Transcending government silos to fight fraud

The road to determining solutions to FWA is greatly hindered by gaps in the government organizational chart. For example, cybersecurity teams are focused on defending agencies from the multitude of attacks, such as stemming ransomware and other security-related threats. Compounding the problem is the fact that many of the legacy systems these teams are protecting were not developed with this level of security in mind. Organized cybersecurity adversaries are masquerading as a fraudster in government systems by finding a gap between cybersecurity teams and the fraud investigators.

Realizing the correlation between what the cybersecurity teams can detect and fraud investigators can identify helps the entire picture come into focus. By closing the gap and bringing cybersecurity and fraud investigators onto the same team, significant progress can be made to stop organized crime from extracting billions of dollars from state benefit systems. The next step is to merge security and government benefit department knowledge to better identify FWA and stop perpetrators in their tracks.

Using automation to handle disparate data

The challenge with unifying the knowledge from the security and fraud teams is that often legacy tools used by state and local agencies aren’t equipped to unify the disparate data across their systems. In order to merge the knowledge of these two departments, agencies need to adopt observability practices to better manage threats.

By embracing a comprehensive observability practice that leverages automation, state and local agencies can more proactively identify fraudulent activity while also having a holistic view of the vast – and often convoluted – data both the security and fraud teams use to identify fraud. The simple merging of these two methods is known as a “data fusion center” that enables cybersecurity and fraud investigators to help catch inconsistencies in real-time. This combined approach can compare and correlate disparate datasets and apply risk-based authentication (RBA) for faster detection and are the government’s best bet at efficiently identifying malicious threat actors.

Forging a path for resilience

Finding ways to build program integrity into government benefits systems to fight FWA can feel like a hopeless cause. Still, there are natural solutions that can definitively soften the impact that FWA has on our government systems. Fraud is here to stay, but to stunt its evolution amid this ever-changing threat landscape, we must also evolve our analytic solutions.

By shedding new light on the root of FWA issues and empowering our reconstructed approach to overcome external threat actors, we can forge a better, fortified path of resilience for our government programs. Unfortunately, there is no future where FWA is entirely unstoppable, but there can be a future where our government is equipped to combat the organized crime that lies behind it.

Mary Lou Prevost is group vice president for SLED at Splunk.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.