Home » Bank Relationship Management & KYC » e-Identity

Treasury is prime target for cyber-criminals

A survey report by the Economist Intelligence Unit (EIU) into cybersecurity among corporate treasury departments found that, while most treasurers say their companies are implementing basic security measures, serious gaps in corporate defence remain. The report – Third-party risks: the cyber dimension – which is sponsored by Deutsche Bank, underlines that corporate treasury is a top target for cyber-criminals and that the majority of treasury departments have moved quickly to strengthen their online security by introducing rigorous testing to check for vulnerabilities.

The report highlights the following key findings:

  • 19 per cent of companies do not check whether their suppliers use the same methods for identity authentication as they do. This leaves an open door for fraud.
  • According to 18 per cent of companies surveyed, only a minority of clients and suppliers follow the same or similar regulatory and compliance rules as they do.
  • Because 14 per cent of companies do not insist that information security requirements which currently apply to third parties also be extended to their subcontractors, they are giving cyber-criminals the opportunity to steal data.
  • Internal penetration testing is performed by 92 per cent of companies. However, 33 per cent do not conduct external testing, leaving a worrisome gap that can be exploited.
  • Only 38 per cent of companies require all of their third parties and suppliers to perform penetration testing. This may be risky, given the increasing number of data and other network security breaches that have been reported.

The research was conducted between April and July last year and 300 senior corporate treasury executives were surveyed.

The report also looks at what treasurers can do to ensure that a weakness or mistake in the department isn't the cause of the next damaging security breach for their company. It identifies five sets of people and processes that interact with treasury and could pose security weaknesses, as well as suggesting some ways to improve cybersecurity in treasury processes. For more detail read the report here: Third-party risks: the cyber dimension


This item appears in the following sections:
Bank Relationship Management & KYC
e-Identity
Operations
Best Practices & Benchmarking in Operations
Risk Management
ERM - Enterprise Risk Management
ID Systems & Services in Fraud Prevention
Minimizing Fraud Procedures
Minimizing Payment Fraud
Global Cash & Liquidity Management

Also see

Comments

No comment yet, why not be the first?

Add a comment