Patch-apathy sets in...
By Jo Best
Published: 24 May 2004 16:00 GMT
With billions of pounds at stake, security is one of the biggest concerns for banks and financial institutions. So why have 83 of the top 100 been compromised?
According to Deloitte's annual Global Security Survey, hackers are keener than ever to try and breach banks' defences but around a quarter of the institutions queried said their security budget growth was "flat".
The money-cautious approach to security may be a false economy – of those institutions that had suffered a breach, 40 per cent had experienced financial loss because of it and 13 per cent had "fully deployed antivirus measures", the report said.
The report shows the security situation has declined over the last two years. In 2002, 39 per cent of the institutions had been breached and last year, 96 per cent were thoroughly deploying their antivirus measures.
The bigger institutions come off best in the security stakes, being more likely to have a more mature security policy and practices in place to measure its success, although awareness of the importance of security was similar across large and small organisations.
The lack of resources in the form of dedicated security staff as well as spare cash is holding back the smaller firms' security proposals. "Smaller financial institutions struggled to find and attract the staff with the adequate skills and competencies required to protect the organisation," the report said, adding that budgets are also "a likely factor".
Mergers and acquisitions in the financial sector were also raising security concerns. "Information security and privacy, along with IT-related controls, are not at the forefront of activities and controls," which could lead to breaches, the report said.
Confronted with a flood of patches, regulation and malware, financial services institutions are now no longer trying to go above and beyond what is expected in the security stakes and are more content to simply meet a minimum level of risk – 30 per cent this year compared to 19 per cent in 2003.
Companies are more on top of the security risks posed by new ICT -- the risks surrounding Wi-Fi are more widely recognised and policies and tech are being put in place to minimise the potential for security breaches.
Technical competencies: *Strong proven RFP analyst senior level experience *Good knowledge of the industry *Solid experience in consultant RFP ...
Your experience will involve hands on management of small teams coupled with strong analytical and problem solving skills with an understanding of ...
Support and oversee remedial action on breaches/control failures/issues arising to ensure that timely and effective action is taken and that issues ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Is Your Enterprise Architected for Tomorrow's Growth?
Improving IT service delivery through an integrated approach to software asset management...
TechRepublic Resource Guide: Software as a Service (SaaS) for Small and Midsize Businesses...
Download a Free Trial of SmartDraw: Learn why SmartDraw is the ideal alternative...
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy