Indian banks lost Rs 12.6 crore due to digital attacks in 2010

InformationWeek News Network, August 18, 2011

A recent Symantec survey reveals that firms in the Indian Financial services industry lost heavily in 2010 due to phishing attempts, theft of proprietary information and denial of service attacks

Symantec today released the findings of its Symantec Security Check – Indian Financial Services Industry 2011 (Banking, Financial Services and Insurance industries) report. The findings, close on the heels of the ensuing deadline for banks to comply with RBI (Reserve Bank of India) guidelines, reveal regulatory and governance mandates as a key driver of IT security for 50 percent of financial services enterprises. Increasing e-commerce and mobile transactions were identified by one in five enterprises as another reason for increased adoption of security.

Digital attacks prove costly

During the last financial year, 23 percent of respondents experienced an external attack ranging from phishing attempts, theft of proprietary information and denial of service attacks. External theft of confidential information was faced an average of 1.5 times and internal theft of information an average of 5.8 times. Financial services enterprises face significant financial losses due to security breaches, with the average loss being Rs 6.86 crore (Rs 68.6 million). This figure was nearly double for Indian banks, at Rs 12.6 crore (Rs 126 million). Sixty-seven percent of respondents that experienced a data breach lost man hours, and 61 percent stated that they had lost customers as a result. More than 80 percent of respondents have faced downtime due to online attacks, and took an average of four hours to resume normal operations.

Compliance and governance driving IT security adoption

50 percent of respondents from financial services enterprises in India cited compliance as the primary driver for adopting IT security. In fact, one in four respondents that experienced a digital attack faced monetary penalization. Over the last year, RBI has mandated two factor authentication at banks for all delivery channels. In the past 12 months, 31 percent of respondent-banks invested in identity management, and state that investment in technologies to address such regulations is likely to continue. According to the survey, technology investments during the next financial year will be made towards stronger governance, business continuity planning, securing mobile and wireless transactions, data loss prevention and network security.  

Mobility and Consumerization of IT pose security risks

The risk of exposing confidential information is increasing as customers explore new channels for financial transactions through e-commerce and mobile banking. Besides increased mobile and online transactions (18 percent), growing internal threats (15 percent) are also significant factors driving security adoption. The survey revealed that eight out of ten employees at respondent organizations use endpoints, and that currently 81 percent of smart phone users in these organizations access corporate information, and 57 percent use instant messaging.

“CIOs at financial services enterprises in India are concerned about the security of their information and related losses, leading to crucial attention towards IT governance,” said Ajay Goel, managing director, India and SAARC, Symantec. “RBI guidelines, the impending Basel III compliance and the IT (Amendment) Act 2008 regulations are compelling the financial sector to take a close look at how they secure and manage their information.”
comments powered by Disqus

Subscribe for Newsletter

Stay connected to the best business technology content every week. Subscribe to our daily newsletter now!

Slide Shows

Upcoming Webcast

How your Next Gen Firewall Should Be?

Cisco invites you to participate in an interesting, informative webinar focused on Cisco’s latest firewall services. This session focuses on enabling you to understand the new capabilities, including Application Visibility and Control (AVC), Intrusion Prevention (IPS), and Web Security Essentials (WSE), to the ASA 5500-X Series demonstrated by Cisco experts. They will take you through the unique traits of Cisco ASA that will help you to be prepared for the advanced challenges. Speakers: Srikanta Prasad, Subject Matter Expert – Security,Cisco Date & Time: November 7, 2014, 3:00pm India Time