Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Hackers bigger threat than rogue staff

From: InfoSec News <isn () c4i org>
Date: Fri, 16 May 2003 02:29:53 -0500 (CDT)
http://www.vnunet.com/News/1140907

By Emma Nash 
[15-05-2003]

Survey of financial firms finds 90 per cent of security breaches come
from outside.

Most security attacks on financial services organisations are coming
from outside the company - not from employees as widely thought.  
Deloitte & Touche's 2003 Global Security Survey examined the security
at 80 Fortune 500 financial companies, and found that 90 per cent of
security attacks are coming from external sources.

"For as many years as I can remember, internal attacks have always
been higher than external," said Simon Owen, Deloitte & Touche partner
responsible for technology risk in financial services.

"Sixty to 70 per cent used to be internally sourced. But most attacks
are now coming from external forces and that's a marked change."

The report showed that 39 per cent of respondents experienced a
security breach in the past year, and only 10 per cent of those were
generated internally.

"As organisations become more connected there are more doors people
can rattle to get in," said Owen.

There seems to be an increased awareness of security, but it is not as
widespread as it should be. Some 80 per cent of respondents said they
had a security policy, but only 47 per cent of those companies said
the strategy was "embraced by line and functional leaders".

"The majority of organisations have a security policy, but the
majority said the organisation doesn't buy into it," said Owen.

"We have to raise the gambit and education is needed to stop the
security department churning out paper and nobody taking any notice."

And banks do not fully understand what a major security attack could
do.

"I think they're aware of the nuisance and disruption factor, but I
don't think these organisations have taken into account the potential
impact on brand and reputation, on the customer base, market profile
and regulatory impact," Owen said.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: