Products and Solutions

Build a Global Anti-Fraud Operations Center in Five Steps

Dec 10, 2018 | by Heidi Bleau |

In cybersecurity, technology and operational processes are so focused on how to fend off an attack that we rarely focus on disrupting criminals before they launch one. Not disrupting them when they are knocking on the front door, but when they are planning and coordinating in the dark web.

The RSA® Anti-Fraud Command Center (AFCC) – one of the largest operations of its kind in the security industry - has more than 100 analysts working 24/7 from secure facilities around the world to do just that. Finding and shutting down global cyber attacks in the planning stages.

For as long as cybercriminals have targeted consumers, the AFCC has targeted them across the dark web, and more recently on social media platforms. 2018 marks the 15th anniversary of the AFCC fighting fraud globally. In that time, the Center has shut down more than two million cyber attacks!

Five Steps to Fight Global Fraud

In a recent conversation with some of the key people running the day-to-day operations of the AFCC they revealed the five steps needed to build a world-class global anti-fraud practice. Here are their thoughts:

Go global. Worldwide coverage and support for multiple languages is essential in a time when cybercrime is everywhere. Threats typically start in one part of the world and move quickly to another, making a seamless global presence imperative to effective response and shut down.

Go above and beyond. Cybersecurity is a business, sure, but it's not just any business. It's a business where people are responsible for protecting others from potentially catastrophic cyber events. Those working in the industry must be willing to do whatever it takes to carry out that responsibility.

Stay agile. Threats are constantly emerging and quickly evolving. Anti-fraud operations have to adapt just as fast—adopting new methodologies and techniques to root out threats, and avoiding cumbersome processes and procedures that slow things down.

Build relationships. Fighting cybercrime is a team effort. It requires coordination and cooperation with internet hosting facilities, law-enforcement authorities and other entities around the world. Cultivating those relationships takes time, making experience vital.

Automate. With thousands of cyber attacks occurring every day, automation is key to keeping up. The RSA AFCC relies on a multitude of diverse, internally developed automation programs and tools that are invaluable in helping to detect and shut down cyber threats quickly.


Cybercrime is one of the biggest digital risks facing organizations today. Aside from financial losses, there are long-term effects which are much harder to quantify, such as brand reputation and customer attrition. Cybercrime, while traditionally associated with financial institutions, is an issue for every digital business. Consider stolen credentials, as an example. A recent RSA study of some of the top dark web "stores" revealed financial services credentials are not as lucrative as one might think. E-commerce accounts were the top target among all stolen account credentials for sale. Figure 1, below, shows the full breakdown by category.

Compromised credentials by category

Figure 1: Compromised credentials by category

As organizations continue their digital transformation, the opportunity for attack expands creating unwanted exposure, challenges and vulnerabilities. Whether your organization leverages in-house resources or a third-party service, effective digital risk monitoring is a critical part of the cybersecurity strategy. It's not an easy job, but someone must do it.

# # #

Are you ready to take a journey through 15 years of cybercrime evolution and learn the five steps required to be successful at fighting global cybercrime? Get a sneak peek inside RSA's world-class anti-fraud operations in the e-book, "RSA Anti-Fraud Command Center: Keeping the World Safe from Cyber Attacks for 15 Years."