Federal regulations on cyber security lead to revenue loss
Even though 87 percent those surveyed in the financial service industry agree that current regulatory changes are very important or critical to keeping their companies and industry secure, new federal guidelines were having an adverse impact on their businesses, according to Radware.
Survey respondents revealed that revenue loss (58 percent), business disruption (57 percent) and productivity loss (54 percent) ranked highly as the biggest consequences of new federal guidelines for the financial services sector. Four in ten respondents stated that federal regulations were adversely affecting bottom line results, causing a significant impact to IT CAPEX and OPEX.
The survey also uncovered that while nearly all claim to be very or somewhat familiar with new guidelines, a substantial number, both in financial services and other industries, are still unaware of the specific regulations that would impact their business such as the Federal Financial Institutions Examination Council (FFIEC) Joint Statement on DDoS Cyber Attacks and Risk Mitigation.
In order to manage new guidelines, respondents cited investing in new or specialized technologies as the most common approach (53 percent) to currently dealing with these issues, followed by changing security processes, protocols and mandates (49 percent) and creating new security models (47 percent). 43 percent said they assigned extra budgets, with an average increase of 14 percent to address new federal regulations.
Results also show that escalated expenditures and resources were not the only concern. 86 percent of financial services respondents are more concerned about the possibility of cyber-attacks than non-financial organizations, and believe their businesses are ill-prepared to safeguard against them.
A small amount of respondents stated their business does not have a strategy for protecting against DDoS attacks (eight percent).
Key findings:
- Unauthorized access (48 percent), theft of IP (47 percent), sabotage (47 percent), and worm and virus damage (46%) are the most harmful attacks to the business
- Loss of revenue (39 percent) tops the list of negative outcomes resulting from a cyber attack, followed by loss of customers (38 percent)
- 63 percent of respondents indicated a willingness to adopt application and network security best practices from another industry
- 80 percent of respondents place a critical or very high degree of importance on the federal government imposing stricter regulations around application and network security
- 84 percent expect network and applications security to be more tightly regulated by the government over the next 12 months
- 35 percent expect the frequency of cyber attacks in increase over the next year, while 44 percent anticipate the number of attacks to remain the same
- 58 percent of survey respondents have filled out a Security and Exchange Commission questionnaire for compliance in the past 12 months.
Radware commissioned an in-depth survey from IDG Research Services. Chief among the respondents were CIO/CTOs representing the financial services industry with global annual sales of $5 billion or more.