Banks spend 3x more on IT security than non-financial entities

Security investment is a high priority for banks and financial institutions. Suffering from attacks on both their own infrastructure and on their customers, retail banks spend three times as much on IT security as comparably sized non-financial institutions.

Veniamin Levtsov, Vice President, Enterprise Business at Kaspersky Lab, says:

"Combating the constantly changing threats targeting their own IT infrastructure and customer accounts is an everyday challenge for financial institutions. To put an effective response in place - that protects all points of vulnerability - requires the financial services industry to have several key components: build a highly integrated anti-targeted attacks protection, embrace multi-channel anti-fraud security and get actionable intelligence on evolving threats."

Despite banks putting serious efforts and budgets into safeguarding their perimeters against known and unknown cyber threats, protecting the breadth of IT infrastructure that now exists - from traditional to specialised, ATMs and Point-of-Sale terminals - has proved difficult. The increased take-up of mobile banking, for example, which puts banks' IT infrastructure defenses at increased risk of cyber attack, is one of the key reasons why financial institutions are so concerned about ramping up security.

Some 42% of banks predict that an overwhelming majority of their customers will use mobile banking within three years, but admit that users are too careless in their online behaviour. The majority of the banks surveyed admitted that their customers are frequently under attack from phishing attempts, with 70% of banks also reporting financial fraud incidents as a result, leading to monetary loss.

While no immediate solution has been identified to curtail the threats, sharing information between institutions will at least help banks to identify new and emerging threats quickly.