Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Top Stories

2014 VORMETRIC INSIDER THREAT REPORT SHOWS THIRD PARTY CONTRACTORS AND COMPROMISED ‘PRIVILEGED USER’ CREDENTIALS WORRY FINANCIAL SERVICES FIRMS

data security

Published : , on

55 percent of European financial organisations believe third party contractors pose the biggest risk; 52 percent find insider threats harder to detect than last year

Vormetric, a leader in enterprise data security for physical, virtual and cloud environments announced further analysis of its ‘Insider Threat’ report, conducted in 2014 with industry analyst firm Ovum. Focusing on just those responses from IT decision-makers at financial services organisations in France, Germany, and the United Kingdom (a total of 92 responses), the research reveals how firms in the financial sector are evaluating their exposure to insider threats, and the steps they are taking in order to mitigate the risks.

2014 VORMETRIC Insider Threat Report Shows Third Party Contractors And Compromised 'PRIVILEGED USER' Credentials Worry Financial Services Firms

2014 VORMETRIC Insider Threat Report Shows Third Party Contractors And Compromised ‘PRIVILEGED USER’ Credentials Worry Financial Services Firms

The nature of insider threats today has shifted to include malicious privileged insiders as well as the compromise of privileged user accounts by advanced malware. The research shows that controlling legitimate network access by third party contractors is a primary concern within the sector, as 55 percent of IT decision-makers at financial organisations rate this type of user as posing the biggest risk. Other types of users that were isolated as posing the biggest threat to financial organisations include ‘privileged users’ – such as IT and network administrators – at 43 percent, and non-technical employees with legitimate access to sensitive data and IT assets, also at 43 percent.

Click to Tweet: #InsiderThreat: 3rd party contractors pose biggest risk for financial sector, finds @Vormetric and @OvumICT report http://bit.ly/1nYr41d

Other key findings from the report for financial services organisations:

  • 76 percent of financial services organisations plan to increase spending specifically to address insider threats
  • The top driver for this spending increase is compliance (45 percent), with protecting reputation and the implementation of best practices the next greatest areas of concern
  • Just over half (52 percent) are finding insider threats harder to detect than last year
  • Cloud computing technology was a big concern, with 45 percent of European financial organisations finding insider threats harder to detect because of increasing use of cloud resources

The objective of the report is to establish the impact that insider threats are having on organisations. Insider threats involve the abuse or compromise of legitimate access to company data. This threat is forcing organisations to introduce privileged user data access policies to reduce the risk of hackers and APTs successfully using compromised administrator credentials to steal data. It also significantly limits the potential for abuse and data theft by privileged users such as root users and contract administrators.

“Typically, financial services firms’ very business is built on generating and processing the kind of data that cybercriminals dream of,” said Alan Kessler, CEO at Vormetric. You may remember the case of the Korean Credit Bureau in January this year, when financial data belonging to a staggering 20 million South Koreans – 40 percent of the country’s entire population – was stolen as a result of insider theft. In this instance a third party contractor tasked with improving security systems is thought to have smuggled the data out using USB sticks, later selling the information to phone marketing companies. Organisations are struggling to know exactly who has access to what data at any one time – if you don’t know this you can’t make any assurances of its security.”

The adoption of Cloud computing was also a top concern of European financial organisations, with 45 percent feeling it to be the leading cause of additional insider threat risk. These organisations have long used Cloud resources to enhance their raw compute power for analysing financial markets and investments, but continue to grow cloud usage in other areas as well.

“Enterprises grow their use of cloud computing to take advantage of the business flexibility and financial advantages it brings,” said Daniele Catteddu, Managing Director EMEA for Cloud Security Alliance. “The research shows that they feel that there are additional security risks from this growth, and details how cloud providers can enhance their offerings to better meet enterprise security needs for offsetting insider threats.”

The report also details top concerns with big data initiatives, a technology area where financial services firms are leading adopters. 69 percent of European financial services organisations cited the security of reports from big data projects that may include sensitive data as their leading big data concern.

“Organisations are moving ahead with big data implementations – both to drive business advantage and to enhance security,” said Matt Asay, VP of Marketing and Business Development at MongoDB – a company whose technology supports big data implementations and a partner of Vormetric. “Results of the insider threat report show that organisations are clearly looking for solutions that can detect, defend and control access to digital assets from malicious and unauthorised individuals. MongoDB is enabling organisations to build modern applications for fraud detection, cyberthreat analysis, anti-terrorism and compliance.”

To find out more about the risks posed by insider threats and for additional findings from the research with Ovum, visit the Vormetric website: http://bit.ly/1nYr41d

The 2014 Vormetric Insider Threat Report focuses on Europe’s three largest technology and business markets – France, Germany, and the United Kingdom (UK). Across these three markets 540 senior IT professionals and business managers, over 80 percent from mid-to-large enterprise organisations, were interviewed on the impact that insider threats have on their organisations and on how prepared they are to deal with insider activity.

This report was conducted by Ovum Research on behalf of Vormetric and with cooperation from Cloud Security Alliance (CSA), MongoDB, OASIS, Total Device, Security Innovation Network and Field Fisher Waterhouse.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post