Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.


55 percent of European financial organisations believe third party contractors pose the biggest risk; 52 percent find insider threats harder to detect than last year

Vormetric, a leader in enterprise data security for physical, virtual and cloud environments announced further analysis of its ‘Insider Threat’ report, conducted in 2014 with industry analyst firm Ovum. Focusing on just those responses from IT decision-makers at financial services organisations in France, Germany, and the United Kingdom (a total of 92 responses), the research reveals how firms in the financial sector are evaluating their exposure to insider threats, and the steps they are taking in order to mitigate the risks.

2014 VORMETRIC Insider Threat Report Shows Third Party Contractors And Compromised 'PRIVILEGED USER' Credentials Worry Financial Services Firms
2014 VORMETRIC Insider Threat Report Shows Third Party Contractors And Compromised ‘PRIVILEGED USER’ Credentials Worry Financial Services Firms

The nature of insider threats today has shifted to include malicious privileged insiders as well as the compromise of privileged user accounts by advanced malware. The research shows that controlling legitimate network access by third party contractors is a primary concern within the sector, as 55 percent of IT decision-makers at financial organisations rate this type of user as posing the biggest risk. Other types of users that were isolated as posing the biggest threat to financial organisations include ‘privileged users’ – such as IT and network administrators – at 43 percent, and non-technical employees with legitimate access to sensitive data and IT assets, also at 43 percent.

Click to Tweet: #InsiderThreat: 3rd party contractors pose biggest risk for financial sector, finds @Vormetric and @OvumICT report http://bit.ly/1nYr41d

Other key findings from the report for financial services organisations:

  • 76 percent of financial services organisations plan to increase spending specifically to address insider threats
  • The top driver for this spending increase is compliance (45 percent), with protecting reputation and the implementation of best practices the next greatest areas of concern
  • Just over half (52 percent) are finding insider threats harder to detect than last year
  • Cloud computing technology was a big concern, with 45 percent of European financial organisations finding insider threats harder to detect because of increasing use of cloud resources

The objective of the report is to establish the impact that insider threats are having on organisations. Insider threats involve the abuse or compromise of legitimate access to company data. This threat is forcing organisations to introduce privileged user data access policies to reduce the risk of hackers and APTs successfully using compromised administrator credentials to steal data. It also significantly limits the potential for abuse and data theft by privileged users such as root users and contract administrators.

“Typically, financial services firms’ very business is built on generating and processing the kind of data that cybercriminals dream of,” said Alan Kessler, CEO at Vormetric. You may remember the case of the Korean Credit Bureau in January this year, when financial data belonging to a staggering 20 million South Koreans – 40 percent of the country’s entire population – was stolen as a result of insider theft. In this instance a third party contractor tasked with improving security systems is thought to have smuggled the data out using USB sticks, later selling the information to phone marketing companies. Organisations are struggling to know exactly who has access to what data at any one time – if you don’t know this you can’t make any assurances of its security.”

The adoption of Cloud computing was also a top concern of European financial organisations, with 45 percent feeling it to be the leading cause of additional insider threat risk. These organisations have long used Cloud resources to enhance their raw compute power for analysing financial markets and investments, but continue to grow cloud usage in other areas as well.

“Enterprises grow their use of cloud computing to take advantage of the business flexibility and financial advantages it brings,” said Daniele Catteddu, Managing Director EMEA for Cloud Security Alliance. “The research shows that they feel that there are additional security risks from this growth, and details how cloud providers can enhance their offerings to better meet enterprise security needs for offsetting insider threats.”

The report also details top concerns with big data initiatives, a technology area where financial services firms are leading adopters. 69 percent of European financial services organisations cited the security of reports from big data projects that may include sensitive data as their leading big data concern.

“Organisations are moving ahead with big data implementations – both to drive business advantage and to enhance security,” said Matt Asay, VP of Marketing and Business Development at MongoDB – a company whose technology supports big data implementations and a partner of Vormetric. “Results of the insider threat report show that organisations are clearly looking for solutions that can detect, defend and control access to digital assets from malicious and unauthorised individuals. MongoDB is enabling organisations to build modern applications for fraud detection, cyberthreat analysis, anti-terrorism and compliance.”

To find out more about the risks posed by insider threats and for additional findings from the research with Ovum, visit the Vormetric website: http://bit.ly/1nYr41d

The 2014 Vormetric Insider Threat Report focuses on Europe’s three largest technology and business markets – France, Germany, and the United Kingdom (UK). Across these three markets 540 senior IT professionals and business managers, over 80 percent from mid-to-large enterprise organisations, were interviewed on the impact that insider threats have on their organisations and on how prepared they are to deal with insider activity.

This report was conducted by Ovum Research on behalf of Vormetric and with cooperation from Cloud Security Alliance (CSA), MongoDB, OASIS, Total Device, Security Innovation Network and Field Fisher Waterhouse.