As banks and other large companies spend large amounts of money on building firewalls and using complex technology to fortify their systems, it is often their own employees who are letting identity thieves in the door.
The largest banks are expected to spend tens of billions of dollars on cybersecurity this year, an increase of as much as 15% over 2010, as they rush to comply with new rules that require them to strengthen customer-authentication procedures and beef up other fraud detection measures, said Avivah Litan, an analyst with Gartner Research. But the success of low-tech approaches such as Mr. Patten's shows that increased spending alone won't be enough to insulate the banks, which are chock full of valuable data.

The link for this article located at Wall Street Journal is no longer available.