Only 36 percent of financial organizations around the globe say they are prepared to handle information technology (IT) risks, according to a survey by Netwrix, a data security company.
The Netwrix 2017 IT Risks Report, which polled IT specialists at financial companies on security practices,
also found that 67 percent do not use any software for information security governance or risk management.
“Financial organizations may have flaws in their IT risks mitigation strategy, but they still have achieved impressive results compared to other industries we’ve surveyed. However, only one third of financial organizations have consistent and mature practices, which enable them to act proactively towards any new and existing threats,” CEO of Netwrix Michael Fimin said. “Financial organizations still need, and this need is well acknowledged, to fortify the security by better protecting data against breaches and fraud and by mitigating human factor. These two areas are going to be a major investment focus in the near future.”
The survey also revealed that 36 percent of financial organizations do not have a separate cybersecurity function.
Among other findings, 55 percent said the biggest threat to system availability and security is employees, followed by third parties with legitimate access to internal systems (27 percent).
Further, 27 percent of financial organizations had security incidents caused by human error in 2016, and 18 percent dealt with malware last year.
Just over half, 55 percent, said lack of time is the main obstacle to more efficient handling of IT risks followed by lack of budget (45 percent) and complexity of IT infrastructures (45 percent).