Information security at financial services companies is at risk because the recession is distracting and upsetting...
staff, and new technologies are making their errors the main cause of security failure at most firms.
Websitessuch as Facebook and MySpace, and mobile media such as PDAs and USBs are creating an extra workload for security systems and are creating more points of entry for hackers.
According to Deloitte's sixth annual Global Security Survey job insecurity and increased stress levels as well as cut backs will increase security risks.
Nearly 60% of global financial services firms are not confident that they can stop cyber attacks from penetrating their systems.
This is the result of workers being distracted and disgruntled by the effects of the recession, according to Deloitte. A total of 86% of firms interviewed said human errorwas the main cause of information security system failure.
Of survey participants 58% were "not very" or only "somewhat" confident intheir ability to protect their organisations from internal cyber-attacks.
"This recognises that people are both an organisation's greatest asset as well as its weakest link, and is particularly relevant in today's economic climate where job insecurity and increased stress levels may lead employees to behave in unusual ways," said Deloite.
"Financial institutions are facing a battle on two fronts in their efforts to protect consumers' financial assets and data. On one side is the growing sophistication of hackers that exploit new technologies such as social networks platforms, on the other side is the challenging economic environment and potential redundancies that has created a distracted workforce and a growing number of disgruntled former employees," Mike Maddison, head of Deloitte's security & privacy practice.
He said cutting security budgets is risky during economic downturns. "As the financial crisis continues to bite deep, organisations may look to save money by cutting IT budgets and reducing spending on security projects The challenges organisations face in managing security risks are as significant as ever whilst the implications of a security breach can be multiplied."