Surveys
Financial Groups Give Cyber Threats High Priority; Majority Report Breaches – Study
A study from a US firm based on findings in Europe, Asia and the Americas says that while financial organizations increasingly take time and trouble to foil cyber threats, the vast majority have also reported some sort of breach.
A growing number of financial services senior figures take cybersecurity seriously, a new report finds, while noting that 93 per cent of 150 information technology and IT decision-makers in such firms have reported a breach of some kind.
The findings, which come from SailPoint – a US-based identity security provider – are based on the views of IT-related figures in the US, Canada, the UK, Australia, Brazil, France, Germany and Japan. The respondents, who were were polled in August and September 2022, were from organizations with 1,000 or more staff.
All respondents said identity security is either a relatively important, critical, or number one investment priority within the organization. Furthermore, 56 per cent of those surveyed said that their organization has fully implemented an identity security program and 29 per cent said their program has been in place for at least two years.
“The financial services industry deals with large amounts of sensitive data and personal identifiable information, making it a prime target for attackers,” Matt Mills, president of Worldwide Field Operations for SailPoint, said. “This makes strong identity security a necessity. The fact that over half of the surveyed financial services firms have fully implemented an identity security solution is a step in the right direction, but it’s clear that there is still room for improvement. Breaches have long been a fact of life in the financial sector, but implementing a strong identity security solution greatly reduces the potential damage that an attack can incur.”
Among the challenges highlighted, 91 per cent of respondents said they have experienced difficulties when it comes to adopting identity security, with the most common being flexibility in integration (38 per cent), high configurability (35 per cent), or being too complicated to implement (32 per cent). In addition, nearly all respondents (97 per cent) said that their organization’s ability to detect and prevent identity-related security breaches needs improvement.
Among other findings, 72 per cent of respondents said the number of identity-related breaches had increased over the last two years in the US, rising to 80 per cent for those in the rest of the world.
The report quoted an unnamed senior director of security
operations in the US as saying: “Banks are one of the juiciest
targets, so the criminals are going to give it more its
resources…it is a lot easier to steal something over a computer
than robbing a bank with a gun.”
SailPoint is based in Austin, Texas.