Financial InfoSec is a Game of Cat-and-Mouse
A new report from Deloitte suggests financial institutions need to rethink their approach to cyber security investments.
In 2013 financial services topped the list of 26 industries that cyber criminals most targeted. Not likely to take it idly, financial services have put great investment behind their security defenses and made great efforts to comply with industry standards and regulations.
At the end of the day, finds Deloitte, the results of this strategy are humbling. In 2013, an annual investigative report on data security by Verizon found a staggering 88% of cyber attacks are successful in less than one day. But in the same time period, only 21% of firms are able to discover attacks, and just 40% are able to restore their business.
Given the dismal figures the report's authors liken the security strategy a game of cat and mouse; A constant pursuit to fortify the vulnerabilities revealed by cyber criminals met with more diverse methods of attack, forcing each side to perpetually adapt their offensive and defensive tactics.
Cloud, mobile, web and social media adoption increase the opportunities for attackers, according to the report. "Similarly, the waves of outsourcing, offshoring, and third-party contracting driven by a cost reduction objective may have further diluted institutional control over IT systems and access points. These trends have resulted in the development of an increasingly boundary-less ecosystem within which financial services companies operate, and thus a much broader ‘attack surface’ for the threat actors to exploit.”... Read full story on Wall Street & Technology
Post a comment to the original version of this story on Wall Street & Technology