Banks Lack Confidence They Can Detect Data Breaches

Uploaded on 2017-03-08 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Consumers are quite confident banks and insurers can keep their data safe, but these organisations aren’t that sure.

Just one in five (21 percent) of financial service organisations admitted they’re "highly confident" they could detect a data breach. On the other hand, 83 percent of consumers trust banks and insurers with their data.

A new report by Capgemini has shown that financial institutions lack a significant amount of confidence when it comes to data protection.

Looking at the UK specifically, the figures didn’t change much. More than four-fifths (82 percent) of consumers trust financial institutions. The institutions, however, severely lack confidence. Just 19 percent are confident they could spot a data breach.

Capgemini say the level of consumer trust may be down to organisations not reporting on incidents. Just three percent of consumers believe their bank suffered a data breach, while in reality, 26 percent actually suffered a data breach in the last year.

"We’ve seen a mixed performance from the UK, with clear progress being made in preparation for GDPR (General Data Protection Regulation), but a clear gap in perception on the security performance of the UK financial industry.

The General Data Protection Regulation is a regulation by which the European Parliament, the European Council and the European Commission intend to strengthen and unify data protection for individuals within the European Union (EU).

The regulation was adopted on 27 April 2016. It enters into application 25 May 2018 after a two-year transition period and, unlike a directive, it does not require any enabling legislation to be passed by national governments.

“It’s not surprising the UK is doing well when it comes to GDPR though, as existing mandates such as the data protection law, while not mandatory, encourage the UK financial industry to meet these requirements already," comments Kristofer le Sage de Fontenay, head of UK Financial Service practice at Capgemini Consulting.

"What the UK should worry about is the gap in perception of trust in financial institutions from the public versus the reality. Currently we’re seeing consumers placing a lot of faith in the financial services industry when it comes to protecting their data.

“This may be due to the lack of data breaches disclosed by the industry. However, as GDPR comes into effect, expect this trust to be tested when banks and insurers are forced to reveal breaches.

“The industry should be making it a priority to ensure they are putting in the right threat intelligent solutions to protect their customers’ data and proactively informing them when a breach occurs.

“UK consumers are more likely than most to switch to a competitor should a breach occur. This means the industry needs to get its houses in order now, before it’s too late."

The drivers behind the GDPR are twofold

Firstly, the EU wants to give people more control over how their personal data is used, bearing in mind that many companies like Facebook and Google swap access to people's data for use of their services.

The current legislation was enacted before the internet and cloud technology created new ways of exploiting data, and the GDPR seeks to address that. By strengthening data protection legislation and introducing tougher enforcement measures, the EU hopes to improve trust in the emerging digital economy.

Secondly, the EU wants to give businesses a simpler, clearer legal environment in which to operate, making data protection law identical throughout the single market (the EU estimates this will save businesses a collective €2.3 billion a year).

When will the GDPR apply?

The GDPR will apply in all EU member states from 25 May 2018. Because GDPR is a regulation, not a directive, the UK does not need to draw up new legislation - instead, it will apply automatically. While it came into force on 24 May 2016, after all parts of the EU agreed to the final text, businesses and organisations have until 25 May 2018 until the law actually applies to them.

Beta News:    Wikipedia GDPR:    ITPro:

EU General Data Protection Regulation Finally Passes:

UK Parliamentary Committee Wish To Penalise CEOs for Cyber Breaches (£):

 

« Norway Says Cyber Attacks Came From Russia
Is It Possible To Neutralise Fake News? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

NISC was established as a secretariat of the Cybersecurity Strategy Headquarters in collaboration with the public and private sectors to create a "free, fair and secure cyberspace" in Japan.

Joe Security

Joe Security

Joe Security specializes in the development of automated malware analysis systems for malware detection and forensics.

SAI360

SAI360

SAI360 (formerly SAI Global) provide products and services for enterprise risk management including Governance, Risk & Compliance and Digital Risk solutions.

Araxxe

Araxxe

Araxxe delivers Revenue Assurance, End-to-End Billing Verification and Interconnect Fraud Detection solutions to communication companies worldwide.

Elemendar

Elemendar

Elemendar Artificial Intelligence reads cyber threat reports written by humans and translates them into industry-standard, machine-readable and machine-actionable data.

APERIO

APERIO

APERIO, the global leader in industrial data integrity, helps its customers drive profitability and sustainability while mitigating risk in their industrial operations.

Carbonite

Carbonite

Carbonite offers all the tools necessary for protecting data from the most common forms of data loss, including ransomware, accidental deletions, hardware failures and natural disasters.

AnChain.AI

AnChain.AI

AnChain.AI's analytics platform proactively protects crypto assets by providing proprietary artificial intelligence, knowledge graphs, and threat intelligence on blockchain transactions.

10dot Cloud Security

10dot Cloud Security

10dot Cloud Security is a security service management company. Our solutions give you contextualised visibility into your network security.

Protek International

Protek International

Protek International delivers world-class Digital Forensics, eDiscovery, Cyber Security, and related Advisory services.

CRI Group

CRI Group

CRI Group excels at deterring, detecting and investigating crimes against businesses using a global network of professionals specially trained in Anti-Corruption, Risk Management and Compliance.

Park Place Technologies

Park Place Technologies

Park Place Technologies' mission is to drive uptime, performance and value for critical IT infrastructure.

AI Spera

AI Spera

AI-Driven Cyber Threat Intelligence Security. AI Spera provides real-time intelligence to empower your security competences in all aspects of the business.

Redpoint Cybersecurity

Redpoint Cybersecurity

Redpoint Cybersecurity is a human-led, technology-enabled managed cybersecurity provider specializing in Digital Forensics, Incident Response and proactive cyberattack prevention.

Zally

Zally

Using advanced behavioural biometrics and AI, Zally is the world's answer to next-generation security.

SecZone

SecZone

SecZone is a Chinese enterprise with a mission to "Make It Secure." We are dedicated to driving software security innovation globally.