Symantec today released the findings of its Symantec Security
Check – Indian Financial Services Industry 2011 (Banking,
Financial Services and Insurance industries) report. The findings,
close on the heels of the ensuing deadline for banks to comply with
RBI (Reserve Bank of India) guidelines, reveal regulatory and
governance mandates as a key driver of IT security for 50 percent
of financial services enterprises. Increasing e-commerce and mobile
transactions were identified by one in five enterprises as another
reason for increased adoption of security.
Digital attacks prove
costly
During the last financial year, 23 percent of respondents
experienced an external attack ranging from phishing attempts,
theft of proprietary information and denial of service attacks.
External theft of confidential information was faced an average of
1.5 times and internal theft of information an average of 5.8
times. Financial services enterprises face significant financial
losses due to security breaches, with the average loss being Rs
6.86 crore (Rs 68.6 million). This figure was nearly double for
Indian banks, at Rs 12.6 crore (Rs 126 million). Sixty-seven
percent of respondents that experienced a data breach lost man
hours, and 61 percent stated that they had lost customers as a
result. More than 80 percent of respondents have faced downtime due
to online attacks, and took an average of four hours to resume
normal operations.
Compliance and governance driving IT
security adoption
50 percent of respondents from financial services enterprises in
India cited compliance as the primary driver for adopting IT
security. In fact, one in four respondents that experienced a
digital attack faced monetary penalization. Over the last year, RBI
has mandated two factor authentication at banks for all delivery
channels. In the past 12 months, 31 percent of respondent-banks
invested in identity management, and state that investment in
technologies to address such regulations is likely to continue.
According to the survey, technology investments during the next
financial year will be made towards stronger governance, business
continuity planning, securing mobile and wireless transactions,
data loss prevention and network security.
Mobility and Consumerization of IT
pose security risks
The risk of exposing confidential information is increasing as
customers explore new channels for financial transactions through
e-commerce and mobile banking. Besides increased mobile and online
transactions (18 percent), growing internal threats (15 percent)
are also significant factors driving security adoption. The survey
revealed that eight out of ten employees at respondent
organizations use endpoints, and that currently 81 percent of smart
phone users in these organizations access corporate information,
and 57 percent use instant messaging.
“CIOs at financial services enterprises in India are
concerned about the security of their information and related
losses, leading to crucial attention towards IT governance,”
said Ajay Goel, managing director, India and SAARC, Symantec.
“RBI guidelines, the impending Basel III compliance and the
IT (Amendment) Act 2008 regulations are compelling the financial
sector to take a close look at how they secure and manage their
information.”
"Disclaimer Note: "InformationWeek India and UBM India do not endorse, and have not verified the views and claims expressed in this vendor Press Release."