Deloitte: Firms lack confidence they can deter internal attacks

Share this article:

Human error is the leading cause for IT system breaches, and most corporate security officials do not feel confident they can protect their organizations from internal cyberattacks, according to Deloitte Touche Tohmatsu's annual survey.

In all, the survey, released Wednesday, found that the global recession is putting information at great risk for these companies.

“The economic situation has heightened the concern with a number of institutions, and the threats and the vulnerabilities and the risks have increased," Mark Steinhoff, principal in Deloitte's security and privacy services practice, told SCMagazineUS.com Thursday. "You have tighter budgets, and greater concerns over internal breaches."

Eight-six percent of survey respondents said human error is the leading cause of information systems failure. This finding indicates that normally trustworthy employees can act abnormally during the stressful times of a poor economy, according to Deloitte. More than a third (36 percent) of respondents expressed concern about insiders' misconduct, compared to only 13 percent who were concerned about external threats. Despite this, 58 percent of respondents said they do not feel confident they can prevent internal attacks. 

The survey included participants across 32 countries from the top 100 global financial institutions and banks, as well as the top 50 global insurance companies.

A majority of survey respondents said their information security budgets increased last year but are not keeping pace with security challenges, according to Deloitte. In fact, 56 percent of respondents said buget constraints were the main barriers to ensuring information security, while a lack of resources was identified by a third as the leading cause of failure of information security projects.

Interestingly, more than half the financial institutions surveyed restrict the use of social networks and instant messaging, citing the extra load on internal and external security. That concern also spread to use of USB keys, MP3 players and PDAs.

Share this article:

Sign up to our newsletters

More in News

AOL Mail hack furthers spam campaign using spoofed accounts

AOL confirmed on Monday that it was aware of the issue and working to remediate the situation.

Backdoors in Wi-Fi routers, said to be closed, can be reopened

Backdoors in Wi-Fi routers, said to be closed, ...

Although said to be patched, researcher Eloi Vanderbeken discovered during the Easter holiday that backdoors existing in certain wireless routers can be reactivated.

Apple ships Mac OS X updates, fixes several code execution bugs

Apple ships Mac OS X updates, fixes several ...

Among the addressed vulnerabilities, was a bug affecting WindowServer, which could allow an attacker to execute malicious code outside the sandbox.