ICMI is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


How to Reduce the Threat of Identity Theft in the Contact Center

The most recent annual tally of cybercrime damages rivals that of the GDP of any major country, reaching nearly $6 trillion USD globally in 2021. This cost is steadily rising. According to recent data by Cybersecurity Ventures, global cybercrime costs are expected to grow at a healthy rate of 15 percent per year over the next five years, potentially crossing $10.5 trillion USD annually by 2025. IBM estimates that the average cost of a data breach in 2021 was $4.24 million for organizations. For small to medium businesses, this came down to a per capita cost of $1,607 for security breaches.

Unsurprisingly, organizations in the US have experienced some of the most expensive data breaches globally, with average cost hovering around $9.05 million resulting from a mix of breach-related fallouts, such as lost business opportunities, customer turnover, lost productivity and revenue during and after the breach, and getting back to former stamina after a breach. Secure your call-center services with IT Support providers.

Unfortunately for businesses, the average lifespan of a data breach is only inching upwards with an increase of almost 10% from 2019 to 2020, according to UpGuard, resulting in even more drainage of resources and cumulative losses. And as nearly 49% of companies reported experiencing a breach in a recent survey, protecting customer data has become a priority for businesses. Since all of this data is processed through contact centers and contact centers, these have become a primary target for cyberattacks. In this article we will discuss effective ways to reduce your exposure to cybercrime in contact centers.

Contact centers are an attractive target for cybercriminals, as they typically handle a huge volume of personal data, such as card numbers, social security numbers, and birthdates. A survey by TRUSTID found that 51% of survey respondents who were engaged in the Financial Services Industry identified contact centers as the main channel for account-take-over attacks.

The problem is that it is no longer enough for contact center security frameworks to simply be Payment Card Industry (PCI) compliant. Although, it is only through PCI compliance that we can guarantee the protection of credit card data, its protection ends there. This means that the core operational and business processes and data flow channels of contact centers remain outside the purview of this protection and are completely vulnerable.

The TRUSTID survey found that as many as 30% of contact center agents had access to customers’ payment card information on file, even when they were not actively servicing those customers. Effective contact center security needs to extend its security cover to all customer data, whether they are submitted or generated. This protection also needs to cover business associates, employees, and customers.

Here are some tips to reduce cybercrime in the contact center:

Pay attention to physical security

Physical security is often overlooked in the grand scheme of things while companies try to ensure digital security. However, ensuring that your endpoints and contact center assets remain secure from unauthorized physical access should be a top priority. Effective physical security will involve background checks on all employees, limiting access to personal devices and wearable technology on shop floors, and granting only floor-wise access to employees through biometric locks, Photo ID, and color-coded name tags and access areas. You should also ensure that network hardware access is limited to a handful of trusted administrators, and employee access points are never left unsupervised. High quality CCTV footage and call monitoring can also go a long way in enforcing compliance and effective monitoring.

Improve your internal security

Employees should be well trained and aware of what to do and how to respond to emergency security breach scenarios. Additional measures could include keeping a close eye on the data security process and ensuring need-to-know and role-based access to information for employees for corporate documentation.

Better encryption

Encryption should be a central element in any contact center’s security strategy. A suitably advanced encryption system can encrypt and decrypt data so that even security or system administrators will have greatly restricted access to the data.

Ensure responsible backups

A cloud-based software solution is your best bet to ensure that your contact center data stays protected and backed up in case of emergencies. You should secure the services of a reliable cloud-based service provider that offers the necessary security features, including two-stage authentication, password-required entry, and security certificates.

Conduct regular penetration testing

Defending your systems against an evolving range of cyberattacks involves regular penetration testing. These simulated attacks on your systems will help identify vulnerabilities in your network security and patch them quickly.