The Increasing Importance of Information Security
11th June 2010
Deloitte’s 2010 Financial Services Global Security Study has found that almost three-quarters of UK financial services have increased their information security budgets in the past year.
The majority of this budget has been spent on identity and access management, and data loss prevention strategies.
“Financial institutions are facing a battle on two fronts in their efforts to protect consumers’ financial assets and data. The threat landscape has evolved; on one side they are tackling the growing sophistication of targeted attacks by criminal gangs and on the other recognising the increasingly expensive security perimeter is no protection from internal threats”, said Mike Maddison, head of Deloitte’s security practice.
The multiple set of identities held by employees of financial institutions are often contained within different directories and applications. Access policies for these identities often don’t communicate with each other, meaning reporting is disjointed and employee activites are not easily tracked. This leaves an environment ripe for internal misuse or access of critical information assets.
According to the Deloitte survey, a higher proportion of UK firms are increasing information security spending then their global counterparts, with 70% increasing security budgets compared with 56% of firms globally. It also revealed that finance businesses, quite rightly, are more concerned about internal than external threats.