2012 Global Financial Services Industry Security Study
The 2012 Global Financial Services Industry (GFSI) Security Study, Breaking Barriers was published in September 2012. This is Deloitte’s eighth survey of information security practices in the financial services industry. The information was gathered from interviews and online surveys with over 250 of the world’s largest financial services institutions in 39 countries.
The report also drills down into specific geographies including Asia-Pacific, Europe, the Middle East and Africa (EMEA), Latin America and Caribbean (LACRO) regions, and specific countries like the U.S., Japan, the U.K. and Canada. The report is intended as a tool to help those in the financial services industry assess and understand the state of information security and privacy in their organisations relative to comparable financial institutions around the world.
Key findings in this report
The study reveals three major key findings that will dominate the financial services industry this year. They are:
- Increased coordinated activity among security and business groups: almost two thirds of respondents believe that their information security function and business are engaged; most organizations are using a Security Operation Center (SOC) model to monitor traffic and data and actively respond to incidents and breaches.
- Growing adoption of new technologies and security innovation: as the use of social media increases, 37 percent of respondents are revising organizational policies and 33 percent are educating users on social networking to address the security risks.
- Policing cyber threats and due diligence with data assets: almost half of the organizations surveyed (49 percent) claim to actively manage their vulnerabilities, with 82 percent also actively researching new threats to proactively protect their environment from emerging threats.
Trends and challenges in the insurance sector
This year’s study also outlines key trends and challenges faced by the Banking & Securities and Insurance sectors survey respondents. In the insurance sector key findings were:
- In response to breaches of customer data, nearly 70% of respondents’ information security programs have achieved Level 3 maturity or higher.
- Despite increased focus on protecting data from security breaches, approximately 40% of the 46 major insurance organizations have experienced one or more breaches in the past 12 months.
- According to a majority of insurance respondents, lack of sufficient budget and/or resources is the top barrier for an effective information security program for insurance organizations. The next most common barrier is lack of visibility and influence within the organization.