Insider threats within the financial sector can be mitigated, says new report

A new breach report on financial services published by Bitglass suggests that organizations within the financial services sector are reaching a new high in data breaches. Despite security being a top priority for the financial services due to the nature of the data collected and the large number of consumers relying on these essentials services, the report highlights that organizations still rely on ‘dinosaurs’ – outdated security solutions – and struggle to protect their data outside the corporate network.

The report findings reveal that one in four breaches in the financial sector over the last few years were due to lost or stolen devices, and one in five breaches were the result of hacking. More worrying stats show that five of the twenty largest banks in the United States suffered a data breach in the first six months of 2016.

In the last decade, financial sector breaches were caused by:

  • Lost or stolen devices caused 25.3% of breaches.
  • Less than a fifth (19.2%) of the breaches are a result of hacking.
  • 14% of breaches are a result of unintended disclosure.
  • Lost paper records account for 8.1% of breaches
  • 13% of breaches are caused by insider threats.

The report argues that organizations should be as concerned about insider threats as they are about phishing attacks, and that organizations can mitigate insider threats by analyzing user behavior in order to identify anomalies and threats.

Information security processes –including controls to mitigate insider threats – are critical for organizations providing essential services in sectors such as financial services, health care, and telecommunications.

Organizations wishing to take action to respond to insider threats can reduce their risk exposure with IT Governance’s Information Security Staff Awareness E-learning Course. The course is designed to equip employees with a better understanding of information security risks and compliance requirements in a quick, affordable, and effective way by delivering systematic and consistent training across multiple learners.

To find out how IT Governance’s Information Security Staff Awareness E-learning Course can help your organization reduce your security risk exposure and prevent insider threats, click here >>