Banks appoint IT security chiefs


Banks appoint IT security chiefs

Bill Goodwin
The majority of the world's leading financial services companies are appointing chief security officers as pressure from cyber attacks continues to intensify.

Two thirds of the top 500 financial firms have appointed or plan to appoint a chief security officer with equal or higher status than their chief information officer, research by Deloitte and Touche Tohmatsu revealed.

About 9% of CSOs report directly to the board, 32% report to the chief information officer, and 4% report to the chief executive, according to the survey of more than 150 of the worlds largest financial companies.

The trend, which lets companies view information security as part of their risk management strategy, rather than an IT expense, comes amid concern over the rising tide of cyber attacks.

Nearly 40% of the firms questioned said their systems had been compromised during the past year by attacks from either inside or outside their networks.

Despite the economic downturn, most financial companies have increased their security budgets or at least kept them at the same level.

About 50% of companies have increased their IT security staff, 3o% have left levels unchanged, and only 20% have made cuts in the past 12 months.

Although companies are confident that their systems are secure from external attacks, nearly 20% said they were not confident that their systems were well protected against internal hackers.

Only 4% said they were ahead on their IT security plans, however, with 37% describing themselves as "catching up" and 8% admitting they are behind.

The survey raised concerns about the adequacy of security training, with only 45% of firms offering a training or awareness programme for their staff.

Although 88% of the firms said they have a comprehensive disaster recovery plan in place, only 43% said they are confident that their back-ups work and are being stored off-site in accordance with policy.

Most financial institutions are planning to roll out leading-edge security technologies in the next 18 months. About 80% plan to install new public key infrastructure technology, 70% are looking at smartcards, and 29% plan to deploy biometrics. Twenty five per cent have cyber risk insurance and 5% plan to buy cover.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy