A global survey has revealed that 39 percent of financial institutions experienced at least one security breach within the past year. Deloitte Touche Tohmatsu's Global Security Survey -- released today -- revealed the disturbing figure, of which two-thirds were breaches of security from outside the organisation.
Australian organisations that were surveyed described themselves as relatively conservative in their adoption of technology, with risk-averse banks assessing the adequacy of security when making technology choices.
"Australian banks have invested heavily in information security and it's clear that security remains a high priority for the industry in Australia," said Stephen Ford, Australian spokesperson for the Global Information Security & Privacy Services, Global Financial Services Group. "This is demonstrated by the level of capital investment, increasing security staffing levels, and the rising seniority of security management positions," he said.
Financial institutions view security as providing both a marketing advantage as well as being critical to maintaining the integrity of their data and operations. The Commonwealth Bank said today it was the first Australian bank to launch both the Verified by Visa and MasterCard SecureCode online security programs, which involve entering a password along with your credit card number when conducting online transactions.
Of the institutions surveyed globally, 47 percent have maintained or increased IT security staffing in the past two years, and 78 percent plan to adopt Public Key Infrastructure technologies, with almost as many planning to incorporate smart cards into their security system. Almost half of the companies surveyed have already instituted security policies related to wireless communications.
Despite this, only five percent of respondents to the survey were "extremely confident" about how well their organisation's systems were protected from internal attacks.
However, 63 percent of respondents reported that management perceived spending on IT security to be a necessary cost of doing business, rather than a discretionary expense. Typically, security accounts for between 6-8 percent of an organisation's IT budget.