Trust is a critical aspect of all business. Be it B2B or B2C, and nowhere is the concept of trust more deeply embedded than in the Financial services industry.
We trust banks with our money, insurance companies with our health and future and investment companies with our savings, and yet the recent IDC MaturityScape Benchmark: IT Security in Financial Services in Asia/Pacific (Excluding Japan) 2017 highlighted that the ability of these organizations to manage their own IT security may not be as advanced as we might expect.
The IDC MaturityScape Benchmark: IT Security in Financial Services in Asia/Pacific (Excluding Japan) 2017 studied the maturity of 106 financial services organization across Asia Pacific excluding Japan and found that, on a scale of 1-5 for IT security maturity, more than two thirds of all respondents (71.6%) were at either stage 1 (29.2%) or Stage 2 (42.4%).
“This is not what we had expected to see,” says Simon Piff, Vice President of Security Practice for IDC Asia Pacific. Piff adds, “The key issues at hand that resulted in this shocking statistic is very much about the way IT security is considered within organizations. Thinking that IT security is a problem for IT to solve is both short-sighted and does not embrace the full issue.”
“Organizations must think in terms of ‘business risk’ first then decide how IT can help mitigate some of these risks, and not simply assign an ‘IT’ label to it,” says Piff.
In the hyper-connected world of today, the methods by which threat actors will try to breach a network are many and varied, and traditional IT approaches of focusing on perimeter prevention, without investing sufficiently into network detection and remediation, is at that heart of the issue. “The bad guys are already on the inside, and we are all looking outside to see what we can stop thereby missing the advanced threat actors who can create the worst scenario for any business,” ends Piff.