About half of banks and payment systems prefer to handle cyber incidents when they happen, rather than invest in tools to prevent them, says a survey conducted by Kaspersky Lab in cooperation with B2B International.
The survey was conducted to study the attitude of company representatives towards information security, including financial companies’ policies towards protection from online fraud.
According to the survey, 48% of financial organisations take measures to protect their clients from online fraud, aiming at mitigating the consequences rather than preventing incidents entirely. Moreover, 29% of companies believe it is cheaper and more effective to address cases of fraud as they occur, rather than to attempt to prevent them.
According to the responses given by the surveyed bank representatives and payment service operators, whenever a cyber fraud incident involving a client’s account occurs, only 41 % of organisations necessarily take measures to prevent such an incident from re-occurring in the future.
36% of companies conduct an analysis of the vulnerability exploited in the attack, and 38% compensate the losses. The most popular policy among companies is to try to find out who was behind the attack: two thirds (66%) of financial organisations do this.
“Relying solely on mitigating the negative consequences of fraud is similar to trying to treat the symptoms of an illness rather than its root cause. Kaspersky Lab recommends that you do not forget how important prevention is,” said Ross Hogan, Global Head of the Fraud Prevention Division, Kaspersky Lab.
“Each year, cybercriminals invent more and more sophisticated methods of attack, and if the banks do not have preventive measures in place, it enables further growth in the numbers of financial cybercrime and increased losse.”
Kaspersky Lab’s experts recommend that banks and payment services use comprehensive online fraud protection methods to protect the bank’s clients at several levels.