E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by Bennett Gold LLP, Chartered Accountants

Effective December 31, 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering articles from the period 1999 to 2012.


Source: Computerworld

Posted on June 20, 2006

      Leading financial institutions experienced a huge surge in the number of security attacks over the past year, specifically from external sources, according to the Deloitte 2006 Global Security Survey released on June 19, 2006.

      Deloitte Security partner, Julie Priest said more than three-quarters (78 percent, up from 26 percent in 2005) of the world's leading 150 institutions surveyed confirmed a security breach from outside the organization.

      "Almost half (49 percent, up from 35 percent in 2005) experienced at least one internal breach - confirming last year's survey findings that internal breaches are an increasing threat," she said.

      The fourth annual survey found that the top three most common attacks the global financial industry experienced over the past 12 months, both externally and internally, aimed to extort for some form of monetary gain.

      "Phishing and pharming accounted for more than half (51 percent) of the external attacks, followed by spyware or malware utilization (48 percent).

      "Insider fraud (28 percent) and leakage of customer data (18 percent) were cited by respondents as among the top three most common internal breaches."

      Priest said the extent and nature of these security breaches signal a new reality for the global financial industry.

      "Execution and exploitation of these attacks require significant resources and coordination, which implies professional hackers and organized crime have entered the domain once ruled by 'script kiddies' and one-off hackers.

      "This shift in trend means organizations not only face more sophisticated and hard to track attacks, but are also challenged by increased risk and potential losses. Financial institutions should take these factors into account in their overall security strategy."

      "However, the shift to a more sinister criminal profile of online attackers and the potential risk they represent did not go unnoticed by the financial services sector, with evidence that financial institutions have started taking steps to fend off these threats."

      Deloitte partner and security specialist, George Stathos said that this year, identity theft and account fraud (58 percent), along with identity and access management (41 percent) made their way into the top five security initiatives for 2006.

      "Another indication of the financial industry's fast response to current events and emerging threats was the presence of disaster recovery and business continuity (49 percent) among the top five security initiatives," Stathos said.

      "The importance of a business continuity plan, following the recent string of natural disasters around the globe, is shown by 88 percent of organizations confirming that they have put in place an enterprise-wide business continuity management program."

      Priest added that Deloitte's survey shows that financial institutions are attentive to the fast-paced and changing security environment.

      "They are shifting priorities and starting to take necessary measures to mitigate the various security risks and challenges. However, while it is only natural to shift focus to the most imminent, emerging threats, organizations should avoid being blindsided and must strive to maintain a balanced, more holistic approach to their security operations and initiatives," she said.

      Interestingly, security awareness and training dropped off the top five initiatives this year. While 96 percent of respondents were concerned about employee misconduct involving IT systems, only a third (34 percent) have provided their staff with some form of information security and privacy training over the past 12 months. The most common mediums that financial institutions use for security training and awareness are Web page alerts and e-mails (63 percent). Other, perhaps more effective methods, such as orientation training (35 percent) and recognition of exemplary behaviour (9 percent), ranked low in use.

CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

Final Entries

LINK TO: Bennett Gold Chartered Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Privacy Breaches.

Get WebTrust
Working For
Your Site.