Search
00
GBAF Logo
trophy
Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

Subscribe to our newsletter

Get the latest news and updates from our team.

Global Banking & Finance Review®

Global Banking & Finance Review® - Subscribe to our newsletter

Company

    GBAF Logo
    • About Us
    • Advertising and Sponsorship
    • Profile & Readership
    • Contact Us
    • Latest News
    • Privacy & Cookies Policies
    • Terms of Use
    • Advertising Terms
    • Issue 81
    • Issue 80
    • Issue 79
    • Issue 78
    • Issue 77
    • Issue 76
    • Issue 75
    • Issue 74
    • Issue 73
    • Issue 72
    • Issue 71
    • Issue 70
    • View All
    • About the Awards
    • Awards Timetable
    • Awards Winners
    • Submit Nominations
    • Testimonials
    • Media Room
    • FAQ
    • Asset Management Awards
    • Brand of the Year Awards
    • Business Awards
    • Cash Management Banking Awards
    • Banking Technology Awards
    • CEO Awards
    • Customer Service Awards
    • CSR Awards
    • Deal of the Year Awards
    • Corporate Governance Awards
    • Corporate Banking Awards
    • Digital Transformation Awards
    • Fintech Awards
    • Education & Training Awards
    • ESG & Sustainability Awards
    • ESG Awards
    • Forex Banking Awards
    • Innovation Awards
    • Insurance & Takaful Awards
    • Investment Banking Awards
    • Banking Awards
    • Banking Innovation Awards
    • Digital Banking Awards
    • Finance Awards
    • Investor Relations Awards
    • Leadership Awards
    • Islamic Banking Awards
    • Real Estate Awards
    • Project Finance Awards
    • Process & Product Awards
    • Telecommunication Awards
    • HR & Recruitment Awards
    • Trade Finance Awards
    • The Next 100 Global Awards
    • Wealth Management Awards
    • Travel Awards
    • Years of Excellence Awards
    • Publishing Principles
    • Ownership & Funding
    • Corrections Policy
    • Editorial Code of Ethics
    • Diversity & Inclusion Policy
    • Fact Checking Policy
    • Financial Awards
    • Private Banking Awards
    • Private Banking Innovation Awards
    • Retail Banking Awards
    Original content: Global Banking and Finance Review - https://www.globalbankingandfinance.com

    A global financial intelligence and recognition platform delivering authoritative insights, data-driven analysis, and institutional benchmarking across Banking, Capital Markets, Investment, Technology, and Financial Infrastructure.

    Copyright © 2010-2026 - All Rights Reserved. | Sitemap | Tags

    Editorial & Advertiser disclosure

    Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

    1. Home
    2. >Technology
    3. >EMPLOYEE ERRORS OR OUTDATED SOFTWARE: WHICH PRESENTS THE BIGGER HEADACHE FOR CYBERSECURITY?
    Technology

    Employee Errors or Outdated Software: Which Presents the Bigger Headache for Cybersecurity?

    Published by Gbaf News

    Posted on October 25, 2016

    7 min read

    Last updated: January 22, 2026

    Add as preferred source on Google
    An infographic illustrating the rise in UK retail sales driven by Black Friday spending in late 2024, reflecting consumer spending trends amidst economic challenges.
    Black Friday retail sales surge in the UK, highlighting consumer spending trends - Global Banking & Finance Review
    Why waste money on news and opinion when you can access them for free?

    Take advantage of our newsletter subscription and stay informed on the go!

    Subscribe

    Global Banking & Finance Awards 2026 — Now Open for Entries
    Global Banking & Finance Awards 2026 — Call for Entries

    Robert Rutherford, CEO of the business and technical consultancy QuoStar

    Robert Rutherford

    Robert Rutherford

    In the British Insurance Brokers’ Association (Biba)’s 2016 manifesto, the Rt. Honourable Matthew Hancock, MP and Minister for the Cabinet Office, stated that “cyber-security is a significant and growing threat to the UK”. This could not be truer than for the insurance industry.With 70% of large insurance firms having reported a serious hacking attempt, it is clear that hackers are still capitalising on vulnerabilities, both old and new, alongside traditional social engineering techniques. The big guys are at risk, but it’s now the smaller operations that are key targets for exploitation.

    The security breaches faced by organisations within the insurance industry are part of a larger cycle – crucially, the time lag between a vulnerability being identified and being fixed by the vendor of the software needs to be as short as possible, and yet many businesses still don’t truly understand the risks and potential damage. In a bid to rectify security awareness within the insurance industry, Biba announced at its 2016 conference that it would be forming a cyber committee to help the industry identify and control their risks more effectively. However, until this committee is put into action, firms remain vulnerable and must take responsibility for their own cybersecurity strategies.

     The risks of dated software

    The outdated legacy systems retained by a surprisingly large portion of the financial sector does not always hold up in the face of a barrage of cyber attacks, particularly if an attacker gets past perimeter defences. Hackers are attracted by the monetary value of transactions flooding through these firms on a daily basis.

    One of the main entry points for hackers is based on the susceptibility of these dated systems. Hackers are constantly evolving and sharing their methods to attack via a weakness in security systems, so firms need to continue to implement controls such as portable encryption, endpoint protection, email content control, data leak prevention, intrusion detection and prevention systems as a minimum.

    The ISO 27001 standard is an international standard for best practice and continual improvement in IT security and is an excellent starting point in building an effective Information Security Management system, one which has to continually improve to remain certified. It’s a sensible route for a firm’s leadership to take so they can truly understand and take top-level accountability for risks and controls without needing to get into technical detail.

    Employee education

    The primary cause of data breaches comes through a lack of employee awareness, which can lead to staff being unknowingly socially engineered. It is an organisation’s responsibility to understand the risks associated with being hacked; ranging from reputational damage to financial damage, or even to the loss of client data. Employee training is undoubtedly a necessity to complement updated software. It is clear that to protect a firm’s interests; employees must be installed as the first line of defence. Technology is swiftly advancing, and unless employees are regularly retrained in the guises of cyber attacks, they can become easy targets.

    The larger the firm, the larger the risk

    What is normally lacking from IT security knowledge revolves around just how many access points there are for hackers.It is not just the computers in an office at risk; each server, printer, entry system, or device logged into an office cloud based software is a potential breach. With every new connection to the network, a new risk point is created, presenting a significant problem particularly for larger firms with an extensive employee and client network. Therefore, firms across the insurance industry must train their employees effectively and increase awareness of just how easy it can be to succumb to a hack. Whilst technology is a key part of the cyber security puzzle, it must be recognized that there is a level of human interaction too; without a full risk assessment and employee understanding of how to minimise the chances of a breach, any organisation could be considered to remain vulnerable to hackers. The days of spam emails and simplistic viruses are over, it’s a global threat and people are hacking for financial gain. All insurance firms must realise that they are definitely at risk.

    Robert Rutherford, CEO of the business and technical consultancy QuoStar

    Robert Rutherford

    Robert Rutherford

    In the British Insurance Brokers’ Association (Biba)’s 2016 manifesto, the Rt. Honourable Matthew Hancock, MP and Minister for the Cabinet Office, stated that “cyber-security is a significant and growing threat to the UK”. This could not be truer than for the insurance industry.With 70% of large insurance firms having reported a serious hacking attempt, it is clear that hackers are still capitalising on vulnerabilities, both old and new, alongside traditional social engineering techniques. The big guys are at risk, but it’s now the smaller operations that are key targets for exploitation.

    The security breaches faced by organisations within the insurance industry are part of a larger cycle – crucially, the time lag between a vulnerability being identified and being fixed by the vendor of the software needs to be as short as possible, and yet many businesses still don’t truly understand the risks and potential damage. In a bid to rectify security awareness within the insurance industry, Biba announced at its 2016 conference that it would be forming a cyber committee to help the industry identify and control their risks more effectively. However, until this committee is put into action, firms remain vulnerable and must take responsibility for their own cybersecurity strategies.

     The risks of dated software

    The outdated legacy systems retained by a surprisingly large portion of the financial sector does not always hold up in the face of a barrage of cyber attacks, particularly if an attacker gets past perimeter defences. Hackers are attracted by the monetary value of transactions flooding through these firms on a daily basis.

    One of the main entry points for hackers is based on the susceptibility of these dated systems. Hackers are constantly evolving and sharing their methods to attack via a weakness in security systems, so firms need to continue to implement controls such as portable encryption, endpoint protection, email content control, data leak prevention, intrusion detection and prevention systems as a minimum.

    The ISO 27001 standard is an international standard for best practice and continual improvement in IT security and is an excellent starting point in building an effective Information Security Management system, one which has to continually improve to remain certified. It’s a sensible route for a firm’s leadership to take so they can truly understand and take top-level accountability for risks and controls without needing to get into technical detail.

    Employee education

    The primary cause of data breaches comes through a lack of employee awareness, which can lead to staff being unknowingly socially engineered. It is an organisation’s responsibility to understand the risks associated with being hacked; ranging from reputational damage to financial damage, or even to the loss of client data. Employee training is undoubtedly a necessity to complement updated software. It is clear that to protect a firm’s interests; employees must be installed as the first line of defence. Technology is swiftly advancing, and unless employees are regularly retrained in the guises of cyber attacks, they can become easy targets.

    The larger the firm, the larger the risk

    What is normally lacking from IT security knowledge revolves around just how many access points there are for hackers.It is not just the computers in an office at risk; each server, printer, entry system, or device logged into an office cloud based software is a potential breach. With every new connection to the network, a new risk point is created, presenting a significant problem particularly for larger firms with an extensive employee and client network. Therefore, firms across the insurance industry must train their employees effectively and increase awareness of just how easy it can be to succumb to a hack. Whilst technology is a key part of the cyber security puzzle, it must be recognized that there is a level of human interaction too; without a full risk assessment and employee understanding of how to minimise the chances of a breach, any organisation could be considered to remain vulnerable to hackers. The days of spam emails and simplistic viruses are over, it’s a global threat and people are hacking for financial gain. All insurance firms must realise that they are definitely at risk.

    More from Technology

    Explore more articles in the Technology category

    Image for The Data Intelligence Gap: Why Precision Is Becoming Critical in Enterprise Sales
    The Data Intelligence Gap: Why Precision Is Becoming Critical in Enterprise Sales
    Image for How Data Observability Is Evolving in Financial Services
    How Data Observability Is Evolving in Financial Services
    Image for When Is a Dedicated Server the Right Choice for Your Business?
    When Is a Dedicated Server the Right Choice for Your Business?
    Image for Enter Now for Best IT/Technology Recruitment Agency 2026
    Enter Now for Best IT/Technology Recruitment Agency 2026
    Image for The Rise of Intelligent Automation: How Technology Is Redefining Work and Efficiency
    The Rise of Intelligent Automation: How Technology Is Redefining Work and Efficiency
    Image for How Automation Technologies Are Transforming Everyday Business Operations
    How Automation Technologies Are Transforming Everyday Business Operations
    Image for Asprofin Bank Announces Financing Initiative for Modular ‘Nanocenter’ Data Infrastructure
    Asprofin Bank Announces Financing Initiative for Modular ‘Nanocenter’ Data Infrastructure
    Image for Basel IV vs. The AI Bots: Why the Banking Rulebook Must Evolve in the Age of Algorithmic Herding
    Basel Iv Vs. The AI Bots: Why the Banking Rulebook Must Evolve in the Age of Algorithmic Herding
    Image for NordQuant Deploys Distributed Systems to Enhance Enterprise Digital Capabilities Introduction
    NordQuant Deploys Distributed Systems to Enhance Enterprise Digital Capabilities Introduction
    Image for Calling Entries for Data Center Deal of the Year 2026
    Calling Entries for Data Center Deal of the Year 2026
    Image for Nominations Now Open for Best Website Design Company 2026
    Nominations Now Open for Best Website Design Company 2026
    Image for Call for Entries: Best Digital Innovation Company (Non-Financial / Cross-Industry) 2026
    Call for Entries: Best Digital Innovation Company (Non-Financial / Cross-Industry) 2026
    View All Technology Posts
    Previous Technology PostConsensys, Synechron and Blockapps Collaborate on Financial Services Blockchain Applications
    Next Technology PostNew European Survey: 65% of Enterprises Lack Visibility and Control of Iot Devices on Their Network