In this session Bob Bragdon, Senior Vice President and Publisher of CSO, and Piero DePaoli, Sr. Director for Security and Risk, ServiceNow, explore how respondents in 2 specific industries – financial services and healthcare – are handling threats.
The survey found that both sectors had similar responses regarding breaches: 45% of financial services companies have had one or more breach in the last 2 years, and 50% of healthcare organizations. But the survey also revealed that financial services organizations appear better at handling those breaches. Why is this the case?
“First, [financial services organizations] are less dependent on the manual processes,” says Bragdon. “Only 55% of financial service firms use email and spreadsheets to manage their patch process versus 63% of healthcare organizations. Secondly, financial services firms are also more aware of known patch-related risks. Forty-seven percent of them were breached due to an unpatched known vulnerability versus 58% for healthcare organizations. Neither are stellar, but there’s a clear difference.”
What’s more, financial services has significantly more resources dedicated to cybersecurity. The average headcount, for example, is 48, versus 22 in healthcare.
“It’s really clear that financial services institutions are significantly better funded for this,” says DePaoli. “Security organizations in financial institutions tend to be more mature and they’re also earlier adopters of newer technologies as they’re really – they’re likely to get targeted more than others and they really want to stay ahead of it.”