FinJan surveyed nearly 1,400 IT security professional in August about the state of their Web security policies. In a special data cut looking at responses from just financial services companies, the results are about what you might expect. When it comes to Web 2.0 sites, there’s no real consensus. About a third have no policy on whether users can navigate to Web 2.0 sites; 24 percent allow the content. The rest provide some form of blocking, either based on white lists, non-productive content, or a blanket block of all Web 2.0 sites.
Here’s a stat you don’t really want the board of directors to hear about: 35 percent say they’re “not sure” if their systems have ever been breached by malware; 27 percent say they have, and 38 percent say they haven’t.
Here’s one place where—not surprisingly—financial IT security professionals diverged from the population as a whole. A whopping 65 percent say they are most worried about customer information being stolen, compared with only 47 percent of the overall group.