Financial institutions are investing heavily in information security in light of a growing number of threats and increased regulatory pressure.
Deloitte's 2010 Financial Services Global Security Study found that the security practices of global financial institutions are focusing primarily on identity and access management tools (IAM) and data loss prevention.
Accordingly, security budgets have been boosted, with 70 per cent of UK financial institutions having increased their information security budgets over the past 12 months, compared with 56 per cent globally.
Mike Maddison, head of Deloitte's security practice, said: “Financial institutions are facing a battle on two fronts in their efforts to protect consumers' financial assets and data. The threat landscape has evolved; on one side they are tackling the growing sophistication of targeted attacks by criminal gangs and on the other recognising the increasingly expensive secure perimeter is no protection from internal threats.
“Our findings demonstrate that financial organisations are less confident about their ability to protect themselves from internal attacks than external threats. It is vital that companies are vigilant in protecting their data assets placing appropriate emphasis on monitoring internally as much as spending ever more at the perimeter. This includes recognising that implementing checks and measures to reduce the potential impact of human error is key.
“Over the past 18 months, even such turbulent ones as we have seen, it is positive that financial institutions recognise the ongoing need to protect their information assets, which is evidenced by the fact that organisations continue to invest in this area and budgets have not been cut.”
Commenting, Courion's UK general manager Stuart Hodkinson claimed that failure to clamp down on data security has real and painful consequences for any organisation, especially since the introduction of £500,000 fines by the Information Commissioner's Office (ICO).
He said: “Data breaches cost jobs, create catastrophic bad press and can have a painful impact on the bottom line. Therefore, it is encouraging to see so many respondents highlighting the importance of improving security and meeting regulatory compliance requirements as key drivers to adopting (IAM) solutions. The financial impact facing companies that fail to adequately protect data underlines the growing value of data as a business asset.”