2012 DTTL Global Financial Services Industry Security Study

Breaking Barriers


2012 DTTL Global Financial Services Industry Security Study The 2012 Global Financial Services Industry (GFSI) Security Study, Breaking Barriers was published in September 2012. This is Deloitte’s eighth survey of information security practices in the financial services industry. The information was gathered from interviews and online surveys with over 250 of the world’s largest financial services institutions in 39 countries.

The survey shows that Australia and APAC lead the world when it comes to prioritising governance on IT Security and believe their expenditure on information security is on or above plan. 

The study found that the FSI organisations which include 11 of the leading 100 global banks by revenue and 24 of the leading 100 global insurance organisations are more proactive in implementing innovative security measures, and creating greater awareness of information security within the business than in previous years. 

With the exception of Canada and Japan, more than 50% of respondents reported an increase in their information security budgets. And although one in three financial institutions in Asia Pacific endured a privacy related breach in the last year, in the US 50% of all financial institutions were breached, and in the UK more than two out of three financial services organisations were breached. 

The survey highlights that the three greatest technology related risks perceived by the sector were financial fraud involving information systems, employee errors and omissions and breaches of information. 

On a global scale, the study reveals three major key findings that will dominate the financial services industry this year:

  • The barriers and silos that financial firms will begin to crumble to establish stronger relationships and coordinated activities between the information security function and businesses
  • The adoption of new technologies will require constant security innovation
  • The increasing need for policing cyber threats to safeguard data assets. 

This document is intended as a tool to help those in the financial services industry assess and understand the state of information security and privacy in their organizations relative to comparable financial institutions around the world.