Publications
Partners
Cape Town - Financial firms are more interested in mitigating cyber attacks than preventing them, a new survey has found.
According to a survey by security company Kaspersky Lab and B2B International, 48% of financial organisations took measures to deal with online fraud rather than prevent incidents.
Just under a third (29%) believe that it's cheaper to address the fallout from fraud rather than try to prevent them, the IT Security Risks Survey 2015 found.
"Relying solely on mitigating the negative consequences of fraud is similar to trying to treat the symptoms of an illness rather than its root cause. The symptoms will recur, and the illness will progress," said Ross Hogan, global head of the Fraud Prevention Division at Kaspersky Lab.
The survey - which was conducted with 5 000 company representatives, including 131 banks and payment services from 26 countries - found that even when online fraud involving a client occurred, only 41% of companies took measures to prevent the incident from happening again.
Bank theft
Company policies focused on who was behind the attack in 66% of cases, while only 38% compensated victims for their losses.
"Each year, cyber criminals invent more and more sophisticated methods of attack, and if the banks do not have preventive measures in place, it enables further growth in the numbers of financial cybercrime and increased losses," Hogan said.
Cyber fraud gang Carbanak stole up to $1bn from over 100 financial institutions over a two year period. The cyber criminals targeted bank employees to compromise accounts.
In the US, President Barack Obama has called for legislation to compel companies to share information of cyber attacks, especially where customer information has been compromised.
Research by IBM and the Ponemon Institute found that employee negligence was responsible for 40% of breaches in 2014.
In SA, underwriter Candice Sutherland found that losses due to the loss of corporate data amounted to at least R5.8bn which can also be attributed to organisational negligence, rivals and hackers.
"The internet is a very efficient way for the fraudster to operate. They stay anonymous. More recently, people have become victims through dating websites," Independent Identity Verification expert Dawid Jacobs told Fin24, referring to the theft of personal and financial data from cheating website AshleyMadison.com.
- Follow Duncan on Twitter
