Around half of banks and payment systems prefer to handle cyber incidents when they happen, rather than invest in tools which can prevent them – new research has found.

Some 48% of financial organisations said they take measures to protect their clients from online fraud, aiming at mitigating the consequences rather than preventing incidents entirely.

The study, conducted by software security group Kaspersky Lab in cooperation with B2B International, also found that 29% of companies believe it is cheaper and more effective to address cases of fraud as they occur, rather than to invest in preventative measures.

Ross Hogan, global head of the fraud prevention division at Kaspersky Lab, said a change of attitude among financial organisations is needed, as cyber attacks continue to impact banking, retail and the wider business community.

"Relying solely on mitigating the negative consequences of fraud is similar to trying to treat the symptoms of an illness rather than its root cause," he explained.

"The symptoms will recur, and the illness will progress. In this respect, Kaspersky Lab recommends that you do not forget how important prevention is. Many of the world's leading banks have acknowledged this and have implemented 'root cause fraud prevention', but alarmingly many still rely on 'reactive fraud detection'."

When a cyber fraud incident involving a client's account occurs, only 41% of the bank and finance representatives questioned for the survey said their organisations take measures to prevent such an incident from re-occurring in the future. Some 36% of companies conduct an analysis of the vulnerability exploited in the attack, while 38% compensate the losses.

Kaspersky said the most popular policy among companies is to try to find out who was behind the attack, with 66% of financial organisations following this route.

The findings were published in The IT Security Risks Survey 2015, which involved more than 5,000 company representatives, including 131 banks' and payment services' representatives, from 26 countries.

Hogan added: "Each year, cybercriminals invent more and more sophisticated methods of attack, and if the banks do not have preventive measures in place, it enables further growth in the numbers of financial cybercrime and increased losses."

Click below for more information:

Kaspersky Lab

B2B International