Security

Indian banks lost Rs 12.6 crore due to digital attacks in 2010

InformationWeek News Network, August 18, 2011

A recent Symantec survey reveals that firms in the Indian Financial services industry lost heavily in 2010 due to phishing attempts, theft of proprietary information and denial of service attacks

Symantec today released the findings of its Symantec Security Check – Indian Financial Services Industry 2011 (Banking, Financial Services and Insurance industries) report. The findings, close on the heels of the ensuing deadline for banks to comply with RBI (Reserve Bank of India) guidelines, reveal regulatory and governance mandates as a key driver of IT security for 50 percent of financial services enterprises. Increasing e-commerce and mobile transactions were identified by one in five enterprises as another reason for increased adoption of security.

Digital attacks prove costly

During the last financial year, 23 percent of respondents experienced an external attack ranging from phishing attempts, theft of proprietary information and denial of service attacks. External theft of confidential information was faced an average of 1.5 times and internal theft of information an average of 5.8 times. Financial services enterprises face significant financial losses due to security breaches, with the average loss being Rs 6.86 crore (Rs 68.6 million). This figure was nearly double for Indian banks, at Rs 12.6 crore (Rs 126 million). Sixty-seven percent of respondents that experienced a data breach lost man hours, and 61 percent stated that they had lost customers as a result. More than 80 percent of respondents have faced downtime due to online attacks, and took an average of four hours to resume normal operations.

Compliance and governance driving IT security adoption

50 percent of respondents from financial services enterprises in India cited compliance as the primary driver for adopting IT security. In fact, one in four respondents that experienced a digital attack faced monetary penalization. Over the last year, RBI has mandated two factor authentication at banks for all delivery channels. In the past 12 months, 31 percent of respondent-banks invested in identity management, and state that investment in technologies to address such regulations is likely to continue. According to the survey, technology investments during the next financial year will be made towards stronger governance, business continuity planning, securing mobile and wireless transactions, data loss prevention and network security.  

Mobility and Consumerization of IT pose security risks

The risk of exposing confidential information is increasing as customers explore new channels for financial transactions through e-commerce and mobile banking. Besides increased mobile and online transactions (18 percent), growing internal threats (15 percent) are also significant factors driving security adoption. The survey revealed that eight out of ten employees at respondent organizations use endpoints, and that currently 81 percent of smart phone users in these organizations access corporate information, and 57 percent use instant messaging.

“CIOs at financial services enterprises in India are concerned about the security of their information and related losses, leading to crucial attention towards IT governance,” said Ajay Goel, managing director, India and SAARC, Symantec. “RBI guidelines, the impending Basel III compliance and the IT (Amendment) Act 2008 regulations are compelling the financial sector to take a close look at how they secure and manage their information.”
comments powered by Disqus

Subscribe for Newsletter

Stay connected to the best business technology content every week. Subscribe to our daily newsletter now!

Slide Shows

Upcoming Webcast

Business Models in the Black Market

Join RSA for this upcoming webcast as we take a deep dive into the latest business models in the black market. By attending, you will learn about: The latest cybercrime training services being offered to new fraudsters, The alliances being formed across various underground forums and its impact New economic models being applied for payments and cashout among cybercriminals Speaker: Eli Marcus Senior Writer, Fraud Action Knowledge Delivery team, RSA Date & Time: July 31, 2014, 3:00pm India Time