ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Security threats Toolkit

Internal attacks blighting banks

Dan Ilet silicon.com

Published: 29 Jun 2005 10:00 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Financial services firms are facing more internal security breaches than external hacking and virus attacks, according to consultancy firm Deloitte.

Overall, the company's 2005 Global Security Survey found that security officers are doing a better job of defending their companies. Less than a third (28 percent) of respondents experienced an IT security breach in the last 12 months, a fall of 55 percent since last year.

Although finance companies have seen fewer external attacks, internal breaches more than doubled from 14 percent last year to 35 percent this year.

Mike Maddison, director of security services at Deloitte, said: "Financial institutions have dramatically reduced the number of external attacks by protecting themselves with antivirus software and content filtering, particularly at the perimeter of their networks.

"There's been an emphasis for some time on the never-ending battle to secure the corporate perimeter. As a result technological loopholes are being closed but the hackers' tactics have now shifted towards manipulating human behaviour as we've seen from the explosion in phishing attacks."

Of the 100 financial senior security officers surveyed, 65 said they had trained employees how to identify suspicious activity but only 6 percent did this at staff inductions. Less than half (46 percent) said they had awareness initiatives for employees scheduled for the next 12 months. The survey found that, when it comes to security spending, 64 percent of the budget is spent on technology compared to 15 percent for employee awareness and training.

Almost three-quarters of respondents outsource at least one IT job but around one in three fails to conduct regular assessments of the outsourcer's compliance credentials.

Maddison added: "I think that the proportion of internal attacks has increased more than we'd expected. Again, this comes down to making sure you properly vet staff, your patching is up to date, and antivirus is deployed effectively."

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with Konica

Did you find this article useful?
71 out of 143 people found this useful


In association with Intel

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Related Jobs

Drug Safety / Pharmacovigilance opportunities - Cambridge - 30K to 60K

Quality Assurance Systems Programmer

Technical Engineering Team Leader

Sentry Posts Blog

Toshiba touts Quantum Key Distribution

Toshiba research scientists have developed a method of distributing quantum keys more efficiently, the company has claimed in a statement: "[Quantum Key Distribution -- ] QKD --... More

Post a comment

Virtual Teams: Small Business Innovati...

Virtual Teams: Small Business Innovation Author: Eric Everson, Founder – MyMobiSafe.com As the founder of MyMobiSafe.com, I’ve found that because of our presence in the industry... More

Post a comment

Mobile Security and Innovation: An Ope...

Mobile Security and Innovation: An Open Case Author: Eric Everson, Founder MyMobiSafe.com The times are changing in the mobile industry as “big wireless” in the US Markets are calling... More

Post a comment

Featured Oracle Resources

Human Resources Management eBook

Supply Chain Management eBook

Design and Innovation Report

Economist Intelligence Unit Report - Technology and growth at mid-sized companies

See All White Papers