Online criminals and cyber scammers are more creative and sophisticated than ever before. Their methods include phishing, romance scams, identity theft, sweepstakes claims, and detailed impersonation ruses (among others). Veteran fraud expert and cybersecurity lawyer Joshua Cook has seen it all, and as John Hancock’s resident cyber counsel, he’s working to safeguard his employer’s brand, protect its customers’ assets, and stay out in front of the hackers.
Every day, bad actors attempt to gain online access to the billions of dollars that millions of customers have invested in John Hancock’s investment, retirement, and insurance products. Industry experts say that insurance fraud alone costs consumers more than $80 billion per year—and that number is only increasing.
It’s something Cook has witnessed firsthand. After starting his career in private practice, where he sued fraudsters on behalf of consumers and investors, he joined John Hancock, a Boston-based insurance company owned by Manulife, to support retail and wholesale broker/dealers, resolve customer complaints, and address cybersecurity issues.
In 2017, Cook and his colleagues encountered a would-be offender who repeatedly called John Hancock’s help desk attempting to access systems and data by impersonating a financial advisor. When the caller’s suspicious behavior triggered internal alarms, Cook decided to take the opportunity to test and deploy countermeasures.
His team implemented defensive tools, waited for the fraudster to call back, recorded the calls, and monitored his activities. They watched his every move, observed how he reacted to their tactics, and played back the recordings to study the interactions.
Cook got a fascinating look into the mind of a fraudster and mined valuable intel he still uses to create and refine John Hancock’s cybersecurity strategies. It’s a fast-moving, high-stakes game.
“Every company is facing a new wave of online threats, and we have to defend our customers, our employees, and our reputation,” Cook says. “We are one of the most recognized brands in America. Prevention and protection are critical to earning the trust people place in us.”
In 2018, Cook and John Hancock were at an interesting crossroads. The company had sold its retail broker/dealer business, and Cook’s internal client was going away. With his future uncertain, he sat down with his general counsel to develop a plan.
Cook could stay on to manage a domestic intellectual property portfolio and use his “spare time” to create a new cyber counsel role for himself. He jumped at the opportunity and today is John Hancock’s assistant vice president and its senior counsel of cyber, privacy, intellectual property, and brand.
The strategic move helped the company shore up an inefficient process once handled within its legal department. Previously, whichever lawyer was assigned to the group impacted by a cyber incident would determine how to respond, then return to their regular work duties. Without a consistent process, the company wasn’t able to develop institutional memory and left itself at risk.
Cook built his role by first identifying the right internal players and cultivating the necessary relationships with IT executives and other leaders. “My vision was to act as a conduit between the IT and legal worlds within the company,” he says.
He then worked with his IT partners to formalize the processes, taking incident response from theory to practice. Lastly, he connected the various technical, compliance, and legal professionals across the company to ensure open communication and consistency.
Providing legal support to a global security operations center at a large and well-known company that is part of a regulated industry targeted by ever-changing cyberthreats is a complicated task. As the COVID-19 pandemic winds on, these issues will likely remain at the forefront.
Nearly 75 percent of banks and insurance companies have reported an increase in cybercrime since early 2020. At the same time, hybrid working environments introduce new variables and risks as employees connect to networks and transfer files remotely.
Hackers are using botnet attacks, phishing emails, mobile malware, and ransomware to penetrate systems. While Cook and his team are in place to protect them, John Hancock and Manulife still encourage clients to stay diligent. All users should report suspicious emails, verify websites and email addresses, monitor online accounts, and review consumer credit reports often.
Risks can come in all shapes and sizes, and leaders need the most advanced teams possible. Cook himself lacks technical computer training, but he sees that as an asset.
“Someone with a deep education in cyber might have a narrow idea of what’s realistic, but since I didn’t come from the world of IT, I think differently about what we can and can’t do, so I can push the limits,” he explains. “For me, it’s a sea of possibilities.”
One of Manulife’s core values is to “think big,” and Joshua Cook says those in his industry need to think more like the bad guys and take preemptive measures to protect their customers and themselves. That’s his plan, anyway.