Experts Call for More Open Security Culture After VW Sacking
Security experts have stood up for cybersecurity whistleblowers after a report on Monday claimed a senior employee at a well-known carmaker was fired after raising concerns about fraud.
The Volkswagen staffer was dismissed weeks after raising the alarm about possible vulnerabilities in the company’s payments platform, Volkswagen Payments SA, which JP Morgan bought a 75% stake in back in September 2021.
That same month, the VW employee told managers they were concerned about a potential “fraud event” that had recently taken place, and suggested the need for internal “kill switches” to limit the damage from such events, according to the FT.
After hiring a law firm to look into the concerns, the world’s second largest vehicle-maker reportedly said the information provided was “irrelevant,” and the employee “was terminated due to fundamental differences in the way we work together.”
Jamie Akhtar, CEO & co-founder of CyberSmart argued that business of all types should do more to foster an open culture where employees can raise cybersecurity concerns.
“A huge proportion of successful cyber-attacks stem from some form of human error and the best way to counter this is by staff feeling comfortable in raising concerns or asking questions,” he added. “After all, you never know who in your business might spot that something isn’t quite right.”
Outpost24 CSO, Martin Jartelius, said that most firms have a fraud prevention and whistleblower system to root out wrongdoing.
“If a member of a team believes something is a risk, it’s important to investigate and escalate according to your process and making your decision based on the facts,” he added.
Volkswagen does indeed have such a system, having established an internal Together4Integrity program to encourage reporting following a 2015 diesel emissions scandal. That makes it doubly perplexing why the individual was ultimately fired.
More Stories
Brits Lose £106m to Romance Fraud in a Year
New City of London Police data reveals British men and women lost over £100m to romance fraudsters in 2024 Read...
What Is Cyber Risk
Did you know that it is estimated that 45% of organizations worldwide will have suffered attacks on their software supply...
Threat Actors Target Victims with HijackLoader and DeerStealer
Cyber-attacks using HijackLoader and DeerStealer have been identified exploiting phishing tactics via ClickFix Read More
Archetyp Market Shut Down in Europe-wide Law Enforcement Operation
Operation DEEP Sentinel has shut down Archetyp Market, the longest-running dark web drug marketplace Read More
Tenable Fixes Three High-Severity Flaws in Vulnerability Scanner Nessus
Nessus users should update patches as soon as possible Read More
Anubis Ransomware Adds File-Wiping Capability
Trend Micro identified a novel “wipe mode” included in Anubis ransomware to prevent file recovery, increasing pressure on victims to...