Cyberattacks on financial firms double

Cyberattacks on large financial institutions have more than doubled from last year, according to a survey released by Deloitte & Touche.

The consulting firm said 83% of senior security officers at the world's leading financial institutions said their systems had been compromised in the past year, compared with 39% in 2003. 

Download this free guide

From forensic cyber to encryption: InfoSec17

Security technologist Bruce Schneier’s insights and warnings around the regulation of IoT security and forensic cyber psychologist Mary Aiken’s comments around the tensions between encryption and state security were the top highlights of the keynote presentations at Infosecurity Europe 2017 in London.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Forty-three per cent of the respondents whose systems were attacked said they had lost money as a result. 

"What it says is that the attention of the big financial institutions is on this issue at much higher levels of the organisation," said Ted DeZabala, national leader of security services at Deloitte. "They are now cognisant of the magnitude of the problem, and they are taking much more action to address the issue." 

However, he noted the problem is growing faster than companies can respond. 

"It's harder to keep up, and yet there's much more attention paid to the issue than ever before."

Since the 11 September terrorist attacks, financial institutions have been under a lot more regulatory pressure to secure their IT systems, he said, adding that, people are much more attuned to risk management issues now, with security being one of them.

Despite the increase in cyberattacks, more than 25% of respondents said their security budgets remained flat this year, while almost 10% said their budgets were cut from the previous year. 

"Spending on security technologies is telling us that it's not so much that people are reducing the deployment of technology but that they're focusing on deployment as opposed to purchasing," DeZabala said.

"Companies have learned that the total cost of ownership for a security solution is more than the cost of the software. In the past, companies had done a lot of purchasing and not a lot of deployment. But now people are focusing on deploying what they have or what they're buying, so that explains some of the reduction." 

Seventy per cent of respondents believed worms and viruses are the biggest threats to their systems, and 87% of them said they have deployed anti-virus measures.

DeZabala said the management of third-party access to corporate networks is something that needs more attention. 

"Although a lot of attention is being paid to it, the problem is bigger than it ever was because there are many more third parties that are connecting to an institution - particularly the global institutions." 

"I think of security as medicine - there is always going to be a new disease, something new to manage and to deal with and find solutions to," he said. "But overall the population is getting healthier."

Linda Rosencrance writes for Computerworld