Why collection agencies need to take data security more seriously

A Q&A with Michael Lamm of Corporate Advisory Solutions, LLC

Collection agencies have become a prime target for cyber breaches and ransomware attacks – and cyber insurance alone won’t be enough to protect you.?

That’s the message from Michael Lamm, a founding partner of Corporate Advisory Solutions, a respected and fast-growing independent investment and merchant banking firm that specializes in tech-enabled outsourced business services with a specific coverage area?in the credit and collections sector.?

Michael is moderating Quantrax’s upcoming three-day webinar series, “Practical Security for Collections,” March 25-27. (Register for the 1-hour sessions here)?

?

Why did you think it was important to moderate these webinars??

Michael Lamm: “One big area of concern is the cyber breaches and ransomware attacks that are impacting the credit and collections industry. It’s becoming more of an issue. We see it in M&A because sometimes clients are going through a breach while we’re assisting a company buy or sell a business. It’s quite an undertaking and depending on the severity, it can put a deal on hold indefinitely. ?

“I never thought it was going to be such a big issue for debt collection. It didn’t seem like an area that would get the focus for cyber criminals, just because of the data – who really cares about getting data on people that are in collections or in the subprime world? Thought they’d go after bigger datasets, more prime consumers. But they’re doing it because there are easy loopholes to exploit, especially with small to midsize collection agencies, and they’re not as technologically sophisticated as other industries may be.” ?

?

What security loopholes are the biggest problems? ?

ML: “Generally, small- to medium-sized players have legacy collection software and have limited IT resources, and there are gaps for the cyber criminals to jump in and do bad things. The agencies don’t always have everything in place that larger companies do. The other big area is a lot of the companies in our industry use offshore and nearshore labor, so that’s?another access point in some cases.”?

?

Are collections agencies aware of the risks??

ML: “I think some are, but for a lot of them, it’s that same old thing that unless it’s happening to them, are they really going to take it seriously? Sometimes they’re thinking, ‘Oh well, if it happens, we have insurance.’ But with insurance companies, we sometimes see that they’re looking for ways to not pay the claim. If they feel like you messed up – as an example, you didn’t have multi-factor authentication when you checked the box that you did – they’re going to ding you and say, ‘We’re not covering you.’”?

?

What should operators consider about data security and collection software? ?

ML: “Just make sure that from a data security perspective, you have all the bells and whistles in place to give some comfort that all your data is fully locked down, even though there’s never a way to one hundred percent protect yourself. We tend to see more issues with smaller players, but even the largest players in the industry have experienced cyber breaches and ransomware attacks, so it can happen to anybody, no matter what size you are.”?

What do you want to learn about collections data security??

Sign up for “Practical Security for Collections”

A 3-part webinar series, presented by Quantrax Corporation, Inc.

REGISTER TODAY

March 25 – 2 PM EDT: Securing Hosted and On-Premises Systems

March 26 – 2 PM EDT: The Role Your Software Plays in Data Security

March 27 – 2 PM EDT: Solutions for A Stronger Security Footprint