Banking Exchange Magazine Logo

Insiders causing breach boom?

Bad insider behavior edges past outside attacks as top culprit

  • |
  • Written by  Website Staff
  • |
  • Comments:   DISQUS_COMMENTS
Insiders causing breach boom?

Financial services organizations are still being breached too often, most frequently by those with insider access, according to the second annual SANS Institute survey on the security of the financial services sector.

The survey report says that 46% of respondents cited abuse or misuse by internal employees or contractors, while 42% cited successful spearphishing attacks as being their most prevalent causes of breaches.

In 2015, avoiding breaches was chosen by 81% of respondents, making it the top driver for information security programs. In the 2014 report, the top driver was meeting compliance. This year, compliance is respondents' second most important driver, while their third top driver is to improve their security and risk management programs overall.

"One of the biggest security problems we're seeing is bad user behavior," says SANS instructor and financial systems security expert G. Mark Hardy. "As a result of their inability to contain user mistakes, financial services companies are learning that compliance doesn't translate to security and are shifting their top priority from compliance to avoiding data breaches."

This shift toward stopping breaches and improving programs was further demonstrated by a trend to spend more on information security. Although one-third of respondents could not quantify their IT security budgets, 41% of those who could were planning to spend 9% or more of their IT budgets on security in FY 2015 compared to 35% making that commitment in FY 2014. Moreover, 58% said they plan to invest more heavily in IT-related security and risk management in the next 24 months.

Download Security Spending And Preparedness In The Financial Sector: A SANS Survey

back to top


About Us

Connect With Us


Webinar: Real-Time Payments in the U.S. Market

Time/Date: June 16, 2021 2:00 p.m. ET

The U.S. has come a long way in its journey to real-time payments, with TCH and Zelle in market and FedNow just around the corner. COVID-19 has accelerated that demand to move to real-time. Yet many financial institutions remain unconvinced of the need to move, with less than 3% of financial institutions signed up today.

In this Banking Exchange hosted webinar Celent’s Gareth Lodge, Senior Analyst, Global Payments, and Alacriti’s Mark Ranta, Payments Practice Lead, discuss the findings in the Celent research report, Real-Time Payments in the US Market: Speeding Up or Slowing Down? A Call to Arms.


This webinar is brought to you by:
Alacriti logo