Employees are biggest threat to security in more than half of financial institutions, survey reveals
August 2017 by Netwrix
Netwrix Corporation, provider of a visibility platform for data security and risk mitigation in hybrid environments, today announced industry sector findings for financial institutions in its 2017 IT Risks Report that show employees are the biggest threat to system security and availability. Interviews with more than 700 IT Pros revealed employees were the main problem for 55% of financial organizations while human error accounted for 27% of security incidents.
Accompanying infographics provide insight into the IT challenges, security practices and plans common for financial organizations today. The IT risks are divided into three areas: security, compliance and operations.
The survey’s key findings for financial organizations are:
· The biggest threat to system availability and security is employees, according to 55% of financial organizations, followed by third parties with legitimate access to internal systems (27%).
· 27% of financial organizations had security incidents caused by human error in 2016, and 18% of financial organizations dealt with malware in 2016.
· 67% of financial organizations do not use any software for information security governance or risk management.
· 36% of financial organizations do not have a separate cybersecurity function.
· 91% of financial organizations focus their security initiatives on protection of databases.
· Only 36% of financial organizations claim to be well prepared to beat IT risks.
· Lack of time is the main obstacle to more efficient handling of IT risks (55%), followed by lack of budget (45%) and complexity of IT infrastructures (45%).
· 82% of financial organizations are going to focus their investments on protection against data breaches, and 73% will focus on protection against cyber-sabotage.
“Financial organizations may have flaws in their IT risks mitigation strategy, but they still have achieved impressive results compared to other industries we’ve surveyed. However, only one third of financial organizations have consistent and mature practices, which enable them to act proactively towards any new and existing threats,” said Michael Fimin, CEO and co-founder of Netwrix. “Financial organizations still need, and this need is well acknowledged, to fortify the security by better protecting data against breaches and fraud and by mitigating human factor. These two areas are going to be a major investment focus in the near future.”