Kaspersky Lab: Financial Institutions and E-Commerce – are their minds on the security of your money?

Most people would imagine that protecting payment data would be the top priority for any business that deal primarily with online financial transactions. However,  according to a Kaspersky Lab survey of more than 3,900 IT professionals worldwide, financial organisations (banks and service providers) and e-Commerce providers (online retailers) don’t see the protection of financial information as more important than any other business…and in some cases, they believe it’s much less important than average.

IT Departments’ Security Concerns of Financial Institutions and E-Commerce:

According to the survey, e-Commerce as an overall industry segment pays significantly less attention to guarding sensitive payment information and protecting their systems from IT security breaches. This seems counter-intuitive from what might be expected of a company that exists solely to process online transactions, but the responses regarding almost all aspects of e-Commerce security were notably lower than the average responses of traditional businesses.

For example, the survey asked each business about the top concerns of the IT department:

• The highest overall response was “Protecting highly-sensitive data (including financial information) from targeted attacks,” an answer given by an average of 34% of businesses. The responses from the e-Commerce segment were lower than this average, at 28%. This was rated as a top concern by 38% of Financial Institutions, the second-highest response rate.

• The second-highest overall priority of the IT department was “Preventing IT security breaches,” given by 29% of all businesses. Again, the responses from the e-Commerce section were lower than average, at 22%. While it was rated at 30% by Financial Institutions, again the second-highest response rate for this task.

It should be noted that the e-Commerce segment wasn’t just “lower than average” for these questions…the e-Commerce segment’s responses were the lowest of all business segments. So if the IT departments of e-Commerce businesses aren’t focused on preventing targeted attacks, data breaches, or network outages, then what are they focused on? “Client Management” was the one response that e-Commerce businesses ranked far higher than any other business (34%, compared to an average of 17%).

At the same time these figures show that while the IT departments of e-Commerce businesses didn’t have security top-of-mind, financial institutions told a different story when responding to the same question, giving second-highest response rates.

These differences in attitudes towards the security of financial information was evident in other questions as well. When all the responses were added up, the survey found that 37% of Financial Institutions rated any sort of internal or customer financial data as the most damaging type of data they could possibly lose, the highest response rate of all business segments. E-Commerce lagged behind at 21%, the second-lowest.

An interesting convergence of opinions occurred around responses less focused on financial information and more focused on customer information in general. Losing “customer/client information” was ranked as highly-damaging by 29% of Financial Institutions, and this time, e-Commerce wasn’t as far behind at 21%.

However, , the biggest divergence on this question involved the importance of intellectual property. E-Commerce businesses rated “intellectual property” and “market intelligence/competitive intelligence” as the two types of data they fear losing the most, and rated these higher than any other segment at 21% and 18%, respectively. In comparison, “intellectual property” was rated as data they “most feared” losing by only 7%, of Financial Services businesses, with “market intelligence/competitive intelligence” at 9%.

While businesses in the financial institution segment show a more firm commitment to data security then e-Commerce, both segments can benefit from a renewed focus on service continuation planning, and e-Commerce businesses should take the opportunity to bolster their overall security posture as well.

Designed specifically for banks, payment systems and e-commerce companies, the Kaspersky Fraud Prevention platform allows for specialised monitoring and advanced protection on the servers of the business, as well as on the desktops of the business’ customers, combined to ensure a secure transaction and protection of financial data once stored. At the same time, Kaspersky Endpoint Security for Business leverages the real-time data and analysis obtained by the company’s security experts, who designed this suite specifically to thwart targeted attacks and software exploits.

To learn more about the security solutions that can help organisations, please go to web pages of Kaspersky Fraud Prevention platform and Kaspersky Endpoint Security for Business.