EDA publishes key risks for financial institutions

EDS has published crucial risk priorities that financial institutions must consider to minimize the possibility of security breaches.
Securing data outside the organization was listed as the top priority. Because regulators demand that non-public personal information be backed up and stored off-site, the danger of the storage mediums being lost or stolen during shipping arises.
Security and privacy controls of service partners ranked second. Ultimately, financial institutions are responsible for the actions of their service partners, ensuring that their security capabilities are sufficient a key risk management priority.
Third is insider threat systemic problems and accidental employee actions are the most frequent form of potential data loss, an EDS statement says.
Wireless woes rang in at fourth. Wireless devices improve productivity, increase business agility and reduce costs, but mobile non-public information must be secure.
Proactive, rather than reactive approaches to security was suggested to protect against the fifth risk, evolution of criminal schemes.
Identity and access management, or ensuring that system and application access is limited to those in roles with a need to know, is one of the challenges. The risk can be addressed through the integration of human resources systems with underlying access control systems.
Regulations also ranked on the list. In North America, highly publicized security breaches and regulatory change are placing an increased emphasis on institutions data security.