« Twitter attacks snare senior politicians | Main | Adobe Reader now targeted more than Microsoft »
Financial services firms found wanting on security
Negligent insiders and outsourcing data to third parties are the major causes of data breaches in the financial services sector, according to a new report from IT management software firm Compuware.
The study, entitled, Privacy & Data Protection Practices: a Benchmark Study of the Financial Services Industry, was conducted by the Ponemon Institute and included interviews with chief information security officers, chief privacy officers and others with equivalent responsibilities from 80 multinational financial services organisations.
Three quarters rated negligent insiders as the top reason for a breach, while 42 per cent said outsourcing and a quarter lay the blame on malicious insiders.
While these headline stats may not come as a surprise to most working in the information security industry, what is more worrying is the wide open areas of vulnerability that the report highlights.
Just 56 per cent said they implemented some form of identity compliance procedures, 47 per cent said they used intrusion detection systems, and data loss prevention technology was used by just 41 per cent, according to the report.
"One of the most important things a company can do to assure their future success is to plug the holes in their security policies that were demonstrated in this study," said Larry Ponemon. "While there is a great deal of progress being made, there is still a long way to go."
Very true Larry, very true.
March 4, 2010 | Permalink
Post a comment