At a time when financial institutions are becoming more reliant on web technology to deliver innovative features and services to their customers, hackers are increasingly targeting web applications. According to a recent IBM Internet Security Systems X-FORCE™ research and development team report, 49 percent of all vulnerabilities disclosed so far are web application vulnerabilities.
Undetected vulnerabilities in web applications or web services can leave financial institutions at risk of security breaches from external or even internal sources. The opportunity to introduce risk increases with the growing variety of devices that allow their customers to access their financial data as well. And network security measures such as firewalls and intrusion detection systems do not address the risks presented by vulnerable web applications, which often expose valuable and confidential back-end resources, such as databases that contain confidential customer data.
Unfortunately, these are not the only issues financial institutions are facing. Compliance with regulations such as the Payment Card Industry Data Security Standard (PCI DSS), Children’s Online Privacy Protection Act (COPPA), Gramm-Leach-Bliley Act (GLBA) and Sarbanes-Oxley Act can be a challenge. So, finding a cost-effective way to protect your systems, applications, private data and customer information while supporting compliance with applicable regulations is a top priority.