Deloitte Touche Tohmatsu   Deloitte Touche Tohmatsu
Global > Industries > Financial Services    
Global Security Survey 2004
Deloitte's annual Global Security Survey measures the state of IT security at the top global financial services firms

Practitioners from Deloitte's Global Financial Services Industry practice conducted face-to-face interviews with senior information technology executives of the top 100 global financial services organizations. Questions related to governance, investment, value, risk, responsiveness, use of security technologies, quality of operations, and privacy.

The survey results, published in May 2004, provide a global benchmark for the state of security in the financial sector.

The survey reported that the majority of global financial institutions have had an external attack on their information technology systems within the last year and many of these breaches resulted in financial loss. But even with security attacks on the rise, the largest number of respondents (25%) reported flat security budget growth.

Eighty-three percent of respondents acknowledged that their systems had been compromised in the past year, compared to only 39% in 2002. Of this group, 40% stated that the breaches had resulted in financial loss to their organization.

"Financial institutions, particularly security officers, are facing greater challenges than ever," says Adel Melek, global leader of Deloitte's IT Risk Management & Security Services, Global Financial Services Industry. "They are fighting an on-going battle to overcome evolving security threats and to comply with an increasingly stringent regulatory environment but, at the same time, resources have stagnated."

The survey also found that companies are sliding backwards when it comes to the use of security technologies. While more than 70% of respondents perceived viruses and worms as the greatest threat to their systems in the next 12 months, only 87% of respondents had fully deployed anti-virus measures. This result is down from 96% in 2003.

On the upside, the survey revealed some significant advancements and trends in the right direction. Financial institutions showed improvement in complying with regulations, as two-thirds (67%) of respondents indicated they have a program for managing privacy (compared to 56% last year). In addition, the majority (69%) felt that senior management is committed to security projects needed to address regulatory requirements.

"Today's IT professionals are under pressure to balance the fine-line between openness and exposure while meeting stakeholder demands,” says Melek. “They are hard-pressed to facilitate growth and profitably, while managing the costs required to maintain sufficient security levels," says Melek.

Other key findings of the survey:

  • While the majority of respondents (59%) indicated security is a key part of their solution, only 10% of respondents reported that their general management perceives security as a business enabler.
  • While 91% of respondents indicated they have a comprehensive IT disaster recovery plan in place, only half (51%) of respondents took into account personnel within their business continuity plans.
  • One third (32%) of respondents felt that security technologies acquired by their organizations were not being utilized effectively.
  • Only one quarter (26%) of respondents felt that their strategic and security technology initiatives were well aligned.
  • Identity management and vulnerability management are the two most common technologies that financial services are piloting or intend to deploy over the coming 18 months.
Attachments
Global Financial Security Survey 2004 (487 KB)
Published 17-May-2004; 36 pages

Contact us for more information
 
Page Last Updated: May 17, 2004
Source: Deloitte Touche Tohmatsu (English)

Print This Page    Email To A Colleague
  Security | Legal | Privacy    

© 2008 Deloitte Touche Tohmatsu. About Deloitte Global 

Deloitte RSS Feeds | Site MapBookmark