Banking Exchange Magazine Logo

Security pros squeezed by criminals, business demands

Demand for security measures disconnects with budget constraints

Security pros squeezed by criminals, business demands

The rate and sophistication of malware and data breaches continue to accelerate, a trend that is proving seemingly impossible for businesses to counter. The men and women in the trenches charged with countering such attacks feel pressure coming at them from all sides, forcing them sometimes to make decisions they don’t necessarily want to make, according to a new study by Trustwave.

The survey polled 833 chief information officers, chief information security officers, and IT security directors worldwide, 526 of whom were in the United States. It found that overall security-related pressures increased from 2012 to 2013, with more pressure expected this year. Targeted malware topped the list of security threats exerting the most pressure, followed by data breaches and phishing/social engineering.

Internally, however, the survey found that four out of five IT pros were pressured in 2013 to roll out projects despite security issues. The IT pros were most pressured to use cloud and mobile applications, even though they felt they posed the greatest security risk. Other emerging technologies they felt posed risks included big data applications, BYOD programs, and social media.

When asked who specifically in their organizations exerted pressures to roll out programs with security measures, half said it came from the board of directors, owner, or C-level executive. However, budgets for new capital outlays associated with security were cited as being most under pressure, followed closely by monthly operational expenses and staff.

“IT pros are pressured to use security technology containing all of the latest features, despite one out of three not having the resources to do so effectively,” the study notes. Meanwhile, when asked for a wish list of what they’d like to have to do their job more effectively, these IT pros said more budget, more IT security skills, and more time to incorporate it all effectively.

The Trustwave report concludes with these recommendations:

  • Accept that mounting pressures, including attention from the board and other forms of internal scrutiny are increasing.
  • Malware is everywhere. Make anti-malware protection a top priority.
  • Augment in-house security expertise.
  • Perform business-wide security risk assessments and ongoing penetration testing.
  • Prioritize security awareness education.
  • Automate protection for web applications.
  • Stop buying security technologies for their flashy features, especially if IT doesn’t have the resources to use them.

(ABA’s affiliate Corporation for American Banking endorses Trustwave's Network Security and Data Protection Resources. Read more.)  

John Ginovsky

John Ginovsky is a contributing editor of Banking Exchange and editor of the publication’s Tech Exchange e-newsletter. For more than two decades he’s written about the commercial banking industry, specializing in its technological side and how it relates to the actual business of banking. In addition to his weekly blogs—"Making Sense of It All"—he contributes fresh, original stories to each Tech Exchange issue based on personal interviews or exclusive contributed pieces. He previously was senior editor for Community Banker magazine (which merged into ABA Banking Journal) and for ABA Banking Journal and was managing editor and staff reporter for ABA’s Bankers News. Email him at [email protected]

back to top


About Us

Connect With Us


Webinar: From KYC to IDV

How three leading banks are utilizing cutting-edge
digital tools to onboard, win, and wow customers

Time/Date: June 23, 2021 11:00 a.m. ET

Digital adoption, already moving at warp speed, accelerated seven years into the future during the COVID-19 pandemic. As the number of bank branches continues to fall, with at least one study predicting all branches will disappear by 2034 (Fox Business) and foot traffic declining (Vox), today’s most innovative banks are charting a new, digital-first path to win over customers while increasing security, meeting KYC compliance requirements, and winning customers to drive revenue.

In this webinar, you’ll hear from John Baird, Founder & CEO of Vouched, Tyler Crawford, COO of Bankers Healthcare Group, Anand Sathiyamurthy, CPO of Flagstar Bank and Daniel Sheehan, Chairman & CEO of Professional Bank as they describe their vision for digital transformation and how customer expectations are changing to digital first. They’ll also explore how fostering an innovation mindset creates new ways to tackle complex KYC problems and allows them to quickly compete in new markets and win customers.


This webinar is brought to you by:
Vouched Logo