A vast majority of financial companies have had to deal with a cybersecurity incident (opens in new tab) in the last year, according to new figures from Clearswift. Most of these incidents happened because employees ignored security protocols or data protection policies.
The introduction of malware onto the corporate network via third party USB sticks or personal devices (smartphones, tablets, laptops) was also a key driver.
“The financial sector is the lynchpin of the UK’s economy and a vital part of our nation’s Critical National Infrastructure, so it is alarming to see such high numbers of security incidents within financial organisations (opens in new tab),” said Clearswift’s CTO, Dr. Guy Bunker
“Unfortunately, in this day and age it’s a case of ‘when’ not ‘if’ a firm is breached so the financial sector needs to shift gears and speed up the innovation and deployment of effective data protection and threat mitigation strategies.”
At the same time, businesses aren’t allocating sufficient funds to keeping their networks secure. Less than a quarter of respondents believed their organisation spends enough on security, and almost three quarters would love to see this budget increased.
“Cybersecurity (opens in new tab) needs to rapidly evolve and the budgeting process should take this into account – the threat which can bring down a company may not have existed three months ago,” Bunker added.
"Financial organisations need to be able to respond immediately in order to protect their reputation. While many areas of securing a company’s data can be improved by educating employees and developing clear policies and processes, technology plays a key role in mitigating today’s biggest threats through automating and enforcing security protocols - which requires investment.”