Deloitte have published the results of their annual Global Security Survey, which benchmarks IT security and privacy in the financial services industry. The top three information security priorities of financial institutions identified by the survey are: security regulatory compliance, followed by data protection and information leakage, and access and identity management.
The scope of this survey is global, including financial institutions with worldwide presence and head office operations in one of the following geographic regions: North America; Europe, Middle East, Africa (EMEA); Asia Pacific (APAC); Japan; and Latin America and the Caribbean (LACRO). To promote consistency, and to preserve the value of the answers, the majority of financial institutions were interviewed in their country of headquarters.
Some of the survey’s main findings include:
Security vigilance is even more important during hard economic times, when the increased stress levels can lead people to behave in atypical ways. Even though both internal and external security breaches at financial institutions worldwide have fallen over the past 12 months, employee misconduct is a growing concern.
The growing popularity of social networks and the proliferation of mobile media such as USB keys, MP3 players and PDAs, all cause an extra load on internal and external security. These devices present opportunities for unauthorized download and storage of confidential information in an unprotected medium.
In 2008, financial institutions saw a decline in the number of both external (47% vs. 65% in 2007) and internal (27% vs. 30% in 2007) security breaches.
The leading drivers for financial institutions to protect the privacy of their clients information are privacy regulatory requirements (79%) followed by reputation and brand concerns (70%).
The full report is available from the Deloitte website
Picture from Creative Commons: Flickr: Jose Goulao