Insiders causing breach boom?

Financial services organizations are still being breached too often, most frequently by those with insider access, according to the second annual SANS Institute survey on the security of the financial services sector.

The survey report says that 46% of respondents cited abuse or misuse by internal employees or contractors, while 42% cited successful spearphishing attacks as being their most prevalent causes of breaches.

In 2015, avoiding breaches was chosen by 81% of respondents, making it the top driver for information security programs. In the 2014 report, the top driver was meeting compliance. This year, compliance is respondents' second most important driver, while their third top driver is to improve their security and risk management programs overall.

"One of the biggest security problems we're seeing is bad user behavior," says SANS instructor and financial systems security expert G. Mark Hardy. "As a result of their inability to contain user mistakes, financial services companies are learning that compliance doesn't translate to security and are shifting their top priority from compliance to avoiding data breaches."

This shift toward stopping breaches and improving programs was further demonstrated by a trend to spend more on information security. Although one-third of respondents could not quantify their IT security budgets, 41% of those who could were planning to spend 9% or more of their IT budgets on security in FY 2015 compared to 35% making that commitment in FY 2014. Moreover, 58% said they plan to invest more heavily in IT-related security and risk management in the next 24 months.

Download Security Spending And Preparedness In The Financial Sector: A SANS Survey