IT security attacks on some of the world’s leading financial institutions more than doubled from last year, according to a new survey from Deloite & Touche.
The professional service firm’s annual Global Security Survey showed a dramatic rise in the number of respondents reporting system breaches. In 2003, 39 percent claimed they had been attacked, in 2004 the number jumped to a whopping 83 percent.
The survey is a sampling of 100 companies, including 31 of the top 100 financial services institutions; 23 of the top 100 banks; and 10 of the top 50 insurers.
“Security threats such as viruses, worms, malicious code, sabotage and identity theft are real and have already cost millions of dollars in lost revenues to institutions globally,” Ted DeZabala a principal and national leader of Security Services for Deloitte & Touche, said in a statement. “These institutions are under increased pressure to deliver a secure environment while also providing greater consumer access.”
“There is a very fine balance between meeting such demands while maintaining the level of security needed to prevent and manage attacks,” he added.
Seventy percent still believe viruses and worms are the greatest threat to IT security. Despite that, fewer respondents reported fully deployed antivirus measures — 96 percent last year compared to 87 percent this year.
Also, IT security budgets were flat at more than 25 percent of the survey base, with 10 percent reporting reduced security budgets. A recent study from TowerGroup however reported that the IT security industry is emerging from a slump and should hit $71.5 billion this year.
The survey found gains in the areas of privacy and regulatory compliance efforts, where two-thirds claim to have a privacy management program in place, up incrementally by 6 percent over the previous year.
Financial service institutions are relatively risk-averse in approaching new technologies. Most identified themselves as “effective users of demonstrated technology” according to the surveys authors. That said, only 9 percent were willing to take risk associated with being an early adopter.
The survey also found vulnerability and identify management technologies were the two most common technology initiatives planned for pilot programs or deployment in the next 18 months.
The Deloitte survey is the latest this year that show IT security attacks of all sorts are on the rise in 2004. A recent Gartner group survey estimated the
cost of fake e-mail ‘phishing’ attacks at $1.2 billion dollars.
This year also looks to be bad for viruses and Trojans of all sorts, though according to one study infection
rates are holding steady.
On the bright side though according to a study published in April, companies with more certified security personnel have been reporting fewer security incidents.