Why Security Professionals in Financial Services are relying on...

The Quintessential Technology Source for Corporate Financial Professionals

Why Security Professionals in Financial Services are relying on Fewer Technologies and Tools

Sameer Kishore, VP & Global Head, Banking, Financial Services, Securities & Insurance, Dell Services

Sameer Kishore, VP & Global Head, Banking, Financial Services, Securities & Insurance, Dell Services

Financial services organizations face security attacks three times as frequently as companies in any other industry. Hackers are not only targeting these firms for their money, but also for the wealth of customers’ personal information available. Just one successful attack can make way for hundreds more. The Identity Theft Resource Center (ITRC) demonstrated this domino effect in its 2015 study of 781 data breaches (71 involving financial institutions). Those breaches are believed to have exposed more than 5 million customer records.

Still, financial services security professionals don’t seem to be phased. In fact, our recent Security Capabilities Benchmark Study shows that they are more confident about their firms’ security than they were a year ago. Many have even reduced the number of security solutions and tools they use to detect and block threats.

In the study, we surveyed more than 2,400 security professionals, including chief information security officers (CISOs) and security operations (SecOps) managers in 12 different countries, about their security initiatives. Then, we analyzed the IT security capabilities and tools used across the industry and compared our findings to the initial study. We found a drastic contradiction between what financial services security experts say, and what they do.

What Financial CSOs Say...

In 2015, 76 percent of survey respondents said that their systems for detecting network anomalies and defending against shifts in adoptive threats are highly effective. In 2014, that number was only 66 percent. Also in 2015, 74 percent said that security tools for determining the scope of a compromise were highly effective. In 2014, that number was slightly lower, at 67 percent.

  "​Successful CSOs realize that effective security measures go beyond a software program or the latest encryption application"

And What They Do

When we looked at how security professionals use these tools, the duality became all the more clear. In 2015, 48 percent of respondents said they use access control and authorization tools to block threats – down from 57 percent the previous year. Thirty-two percent used network forensic tools in 2015, compared to the 48 percent who said they used them in 2014.

The Shifting CSO Mindset

While there is a discrepancy between survey respondents’ thoughts and actions, one thing is true: the mindsets of financial services CSOs are shifting. And, it’s not necessarily a bad thing. Instead of exuding a sense of overconfidence in their firms’ ability to thwart threats, the modern CSO has accepted the firm’s strengths and weaknesses and assumed a more realistic point of view – internal technology, tools and expertise can only go so far. Now, CSOs are focusing on developing specific strategies to close security gaps.

In our research, we’ve observed a few common practices followed by the most proactive CSOs. First, many view security as a company-wide issue. In the past, the C-Suite was deemed security another “cost of doing business,” rather than a business driver. In actuality, security can help a company grow its profits. Although this may be difficult to convey to C-level executives and decision makers, successful CSOs understand that security is a top priority. Therefore, they are increasing their efforts to get everyone at their organization involved, making them aware that security can affect the entire company, not just a single department or function. Many financial services firms are already embracing this notion and line-of-business managers taking on more security-related responsibilities. In 2015, 59 percent (up from 46 percent in 2014) of survey participants noted that line-of-business managers are actively contributing to security policies and procedures.

Second, CSOs are training their employees as their first line of defence against cyber-attacks and hackers. Our research unveiled that that 44 percent of CISOs say they have increased the amount of security awareness training for employees, as well as increased their budget for training security staff. From customer service reps to CEOs, it is vital that everyone is properly trained and proactively involved in the company’s security initiatives. Third, we found that 37 percent of financial services CSOs are turning to outside help due to an insufficient internal pool of knowledge. Like technology, internal staff expertise has limitations and bringing in external security experts can provide a much-needed boost and fill some holes. 

Although CSOs in the financial services industry are using fewer technologies and tools to defend and protect their firms from security breaches and cyber-attacks, their shifting mindset represents a positive change. Successful CSOs realize that effective security measures go beyond a software program or the latest encryption application; they require organization-wide awareness, support from your employees, and at times, outside help. Your company – and more importantly, your customers – depend on it.

Weekly Brief

Top 10 Accounting Outsourcing Companies - 2020

Read Also

Revolutionizing the Accounting Industry through Cloud Computing

Revolutionizing the Accounting Industry through Cloud Computing

Dr Chandra Bhansali, CEO, AccountantsWorld
How Digital Disruption Increases Finance Capabilities

How Digital Disruption Increases Finance Capabilities

Mike Danitz, Principal in the Finance and Enterprise Performance practice within Deloitte Consulting LLP
Managing Finances through Robust Accounting System

Managing Finances through Robust Accounting System

Jeff Banaszak, Chief Financial Officer, Creative Dining Services
Seize the Automation Opportunity at Your Digital Front Door

Seize the Automation Opportunity at Your Digital Front Door

Matt Shanahan, Co-Founder and Chief Strategy Officer, Lockstep
Negative stereotypes of Accounts Receivable Financing

Negative stereotypes of Accounts Receivable Financing

Brad Agee, Vice President-Accounts Receivable Manager, Amegy Bank
Increasing Competitive Advantage with FinTech

Increasing Competitive Advantage with FinTech

Selim Tastan, Head of Digital Transformation and Innovation, Kuveyt Turk Participation Bank