PostHole
Compose Login
You are browsing eu.zone1 in read-only mode. Log in to participate.
rss-bridge 2026-01-25T10:41:00+00:00

Cybersecurity’s New Business Case: Fraud

Government security leaders are struggling. Cyber investments are lagging. Resources are being cut. The problem is getting worse. Let’s explore solutions.

Lohrmann on Cybersecurity

Cybersecurity’s New Business Case: Fraud

Government security leaders are struggling. Cyber investments are lagging. Resources are being cut. The problem is getting worse. Let’s explore solutions.

January 25, 2026 •

Dan Lohrmann

[A dark image of a hacker working on a laptop and monitor.]

Shutterstock

Attention all government CISOs (and yes, CTOs, CIOs, CFOs, COOs and even a few corporate CEOs can listen in): It’s time to adjust our cyber lingo — again.

Specifically, start talking (more) about financial fraud, AI-generated scams, citizen trust, due diligence, (your government’s) reputation, protecting identities, cyber crime, data integrity and AI-solutions to all of the above.

Stop talking as much about hacking, zero-day exploits, critical network vulnerabilities, next-generation firewalls and other technical security jargon. (OK, a little talk with internal SOC staff may be an exception.)

But why?

Across the country, numerous state and local government security leaders are facing budget cuts, staffing shortages, hiring freezes, fewer grants and oftentimes an inability to make a compelling case for new (or ongoing) cybersecurity investments that are needed now.

As many state and local governments struggle with budget shortfalls and staffing challenges, the bad actors are ramping up online fraud schemes that take advantage of identity management flaws in government systems, stolen credentials, a lack of technology systems oversight, network vulnerabilities, phishing campaigns and other weaknesses that traditionally are under the auspices of cybersecurity (or cyber defense) teams.

THE AI-GENERATED FRAUD PROBLEM

Meanwhile national headlines, local news stories and even holiday dinner conversations highlight the urgent problems emerging related to online financial fraud ranging from social engineering attacks against individuals to sophisticated money scams hitting seniors to state and local government services fraud schemes.

According to GAO.gov, there was over $300 billion in fraudulent payments within pandemic-relief programs: “We estimated fraud for unemployment insurance programs between $100-135 billion from April 2020 through May 2023. The Small Business Administration’s (SBA) Office of Inspector General reported about $200 billion in potentially fraudulent pandemic-relief loans under the Paycheck Protection Program and the COVID-19 Economic Injury Disaster Loan program.”

At the same time, recently released Federal Trade Commission data show that consumers reported losing more than $12.5 billion to fraud in 2024, which represents a 25 percent increase over the prior year.

In response, the Trump administration has announced a new Department of Justice Division for National Fraud Enforcement.

But fraud is not a right-left issue; both Democrats and Republicans want to fight fraud. For example, Democratic California Rep. Ro Khanna is calling for more work on fraud prevention in government programs.

MORE ON AI-ENABLED FRAUD

And yes, AI is making these problems worse, as articulated in 2026 security predictions from top global vendors. For example, this report from Cybersecurity Ventures and CyberCrime Magazine highlights:

  • “Cybersecurity Ventures predicts that the world will spend $522 billion on cybersecurity products and services in 2026.”
  • “Cybersecurity Ventures predicts that cybercrime will cost the world $10.5 trillion annually by 2025, up from $3 trillion in 2015.”
  • “The U.S. spends more than $25 billion on cybersecurity every year, more than any other nation.”

As AI-enabled cyber attacks crossed a major tipping point in 2025, vital questions have emerged in 2026 for CxOs regarding how prepared organizations are to defend critical data, systems, networks and more.

A few more examples:

  • Morgan Stanley has this section on their website on Cybersecurity and Fraud Awareness: “At Morgan Stanley, we have controls and processes in place that offer fraud protection to our clients and our infrastructure. The following resources are intended to help users enhance those processes to further protect themselves from cyber threats. …”
  • The University of Tulsa offers this material on online fraud.
  • The FDIC offers this consumer resource center material on cyber fraud.
  • The World Economic Forum shared this video from Davos, which identified that 77 percent of global leadership respondents saw an increase in cyber-enabled fraud in the past year.

First and foremost, as I have written many times before: “Get on boats leaving the dock.” In the current context, this means get your cyber team involved with efforts to find and eliminate fraud in government programs.

You can read details on this strategy and other tips on getting management buy-in on cyber projects in this blog.

Second, work with your government auditors on these fraud-fighting efforts, when possible.

Third, in support of the first two items, examine report details from this Microsoft Digital Defense Report for 2025, which has sections on fraud, scams and other relevant topics, along with an extensive look on identity management, which is the source of many issues.

[...]

Original source

📄 CybersecuritySpending2025-2031.pdf

📄 Microsoft-Digital-Defense-Report-2025.pdf

Reply