Extra staff needed to boost bank IT security

The number of suspicious and unauthorised intrusions into bank computer systems could be reduced by boosting security staff levels and improving governance over outsourcing.

Lynn Lawton, international president of the Information Systems Audit and Control Association, said that unauthorised intrusions and bank account losses at US financial institutions has increased, and the cost to the banks per incident has soared.

Lawton also said that IT staffing levels are an increasing worry for managers, as is their reliance on external outsourcing.

"If banks are to reduce the number of intrusions on their systems, and so regain the customer trust lost in recent years, they need to implement improved IT governance based on frameworks such as Cobit, " she said.

"This includes consideration of resourcing, training, control automation and the monitoring of internal and external performance and controls."

Lawton explained that, although the financial sector is ahead in implementation of IT governance, there are still 25 per cent of financial sector respondents not yet doing anything about the problem.

"Good governance has been shown to have a positive effect on share value, and should help to attract and retain business too," she said.