Advertisement
Promo

Security threats Toolkit

Internal attacks blighting banks

Dan Ilet silicon.com

Published: 29 Jun 2005 10:00 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Financial services firms are facing more internal security breaches than external hacking and virus attacks, according to consultancy firm Deloitte.

Overall, the company's 2005 Global Security Survey found that security officers are doing a better job of defending their companies. Less than a third (28 percent) of respondents experienced an IT security breach in the last 12 months, a fall of 55 percent since last year.

Although finance companies have seen fewer external attacks, internal breaches more than doubled from 14 percent last year to 35 percent this year.

Mike Maddison, director of security services at Deloitte, said: "Financial institutions have dramatically reduced the number of external attacks by protecting themselves with antivirus software and content filtering, particularly at the perimeter of their networks.

"There's been an emphasis for some time on the never-ending battle to secure the corporate perimeter. As a result technological loopholes are being closed but the hackers' tactics have now shifted towards manipulating human behaviour as we've seen from the explosion in phishing attacks."

Of the 100 financial senior security officers surveyed, 65 said they had trained employees how to identify suspicious activity but only 6 percent did this at staff inductions. Less than half (46 percent) said they had awareness initiatives for employees scheduled for the next 12 months. The survey found that, when it comes to security spending, 64 percent of the budget is spent on technology compared to 15 percent for employee awareness and training.

Almost three-quarters of respondents outsource at least one IT job but around one in three fails to conduct regular assessments of the outsourcer's compliance credentials.

Maddison added: "I think that the proportion of internal attacks has increased more than we'd expected. Again, this comes down to making sure you properly vet staff, your patching is up to date, and antivirus is deployed effectively."

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
72 out of 145 people found this useful


In association with Network Liberation Movement

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats



Related Jobs

Business strategy Management Consultant (Team Lead)

CRM/Dynamics CRM Consultant – South West & Wales - 40-50000

Teradata DBA

Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

DNA details of innocent will be kept f...

The government has announced that it plans to keep innocent people's DNA details for up to six years. In response to a consultation it launched last December, the government said... More

1 comment

Motorola Droid Drops Today: Happy Droi...

Motorola Droid Drops Today: Happy Droid Day America! Author: Eric Everson, Mobile Security Expert If you’re wondering what all of the buzz is about with words like Droid and Android... More

Post a comment

Mobile Security Profile: BlackBerry St...

Mobile Security Profile: BlackBerry Storm2 Author: Eric Everson BlackBerry handsets are a staple of office culture; from syncing calendars to sharing business-related data,... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters