Banks Lack Confidence They Can Detect Data Breaches

Uploaded on 2017-03-08 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Consumers are quite confident banks and insurers can keep their data safe, but these organisations aren’t that sure.

Just one in five (21 percent) of financial service organisations admitted they’re "highly confident" they could detect a data breach. On the other hand, 83 percent of consumers trust banks and insurers with their data.

A new report by Capgemini has shown that financial institutions lack a significant amount of confidence when it comes to data protection.

Looking at the UK specifically, the figures didn’t change much. More than four-fifths (82 percent) of consumers trust financial institutions. The institutions, however, severely lack confidence. Just 19 percent are confident they could spot a data breach.

Capgemini say the level of consumer trust may be down to organisations not reporting on incidents. Just three percent of consumers believe their bank suffered a data breach, while in reality, 26 percent actually suffered a data breach in the last year.

"We’ve seen a mixed performance from the UK, with clear progress being made in preparation for GDPR (General Data Protection Regulation), but a clear gap in perception on the security performance of the UK financial industry.

The General Data Protection Regulation is a regulation by which the European Parliament, the European Council and the European Commission intend to strengthen and unify data protection for individuals within the European Union (EU).

The regulation was adopted on 27 April 2016. It enters into application 25 May 2018 after a two-year transition period and, unlike a directive, it does not require any enabling legislation to be passed by national governments.

“It’s not surprising the UK is doing well when it comes to GDPR though, as existing mandates such as the data protection law, while not mandatory, encourage the UK financial industry to meet these requirements already," comments Kristofer le Sage de Fontenay, head of UK Financial Service practice at Capgemini Consulting.

"What the UK should worry about is the gap in perception of trust in financial institutions from the public versus the reality. Currently we’re seeing consumers placing a lot of faith in the financial services industry when it comes to protecting their data.

“This may be due to the lack of data breaches disclosed by the industry. However, as GDPR comes into effect, expect this trust to be tested when banks and insurers are forced to reveal breaches.

“The industry should be making it a priority to ensure they are putting in the right threat intelligent solutions to protect their customers’ data and proactively informing them when a breach occurs.

“UK consumers are more likely than most to switch to a competitor should a breach occur. This means the industry needs to get its houses in order now, before it’s too late."

The drivers behind the GDPR are twofold

Firstly, the EU wants to give people more control over how their personal data is used, bearing in mind that many companies like Facebook and Google swap access to people's data for use of their services.

The current legislation was enacted before the internet and cloud technology created new ways of exploiting data, and the GDPR seeks to address that. By strengthening data protection legislation and introducing tougher enforcement measures, the EU hopes to improve trust in the emerging digital economy.

Secondly, the EU wants to give businesses a simpler, clearer legal environment in which to operate, making data protection law identical throughout the single market (the EU estimates this will save businesses a collective €2.3 billion a year).

When will the GDPR apply?

The GDPR will apply in all EU member states from 25 May 2018. Because GDPR is a regulation, not a directive, the UK does not need to draw up new legislation - instead, it will apply automatically. While it came into force on 24 May 2016, after all parts of the EU agreed to the final text, businesses and organisations have until 25 May 2018 until the law actually applies to them.

Beta News:    Wikipedia GDPR:    ITPro:

EU General Data Protection Regulation Finally Passes:

UK Parliamentary Committee Wish To Penalise CEOs for Cyber Breaches (£):

 

« Norway Says Cyber Attacks Came From Russia
Is It Possible To Neutralise Fake News? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

InfoSec People

InfoSec People

InfoSec People is a boutique cyber and technology recruitment consultancy, built by genuine experts.

Proact IT Group

Proact IT Group

Proact is Europe's leading independent data centre and Cloud services enabler. We deliver flexible, accessible and secure IT solutions and services.

Cyber Security Challenge UK

Cyber Security Challenge UK

Cyber Security Challenge UK is a series of national competitions, learning programmes, and networking initiatives designed to identify, inspire and enable more people to become cybersec professionals.

Cyber Craft

Cyber Craft

CyberCraft is an innovative and dynamic software development, outsourcing and consulting company. Services offered include penetration testing.

AXA XL

AXA XL

AXA XL is the P&C and Specialty Risk Division of AXA. Professional insurance products include Cyber Insurance.

Sternum

Sternum

Sternum provides reliable and effective endpoint security for any IoT device, using robust technology and seamless integration.

Brighter AI

Brighter AI

Brighter AI empowers companies to use publicly-recorded camera data for analytics & AI while being compliant with increasing data privacy regulations worldwide.

GMV

GMV

GMV is a technological business group offering solutions, services and products in diverse sectors including Intelligent Transportation Systems, Cybersecurity, Telecoms and IT.

CybX Security LLC

CybX Security LLC

CybX is the first company of its kind to merge the practice of computer forensics with computer security and information security.

InGuardians

InGuardians

InGuardians is an independent information security consulting firm specializing in penetration testing, threat hunting, and hardware hacking.

GBT Technologies

GBT Technologies

GBT Technologies is a technology company focused on chip design and software to enable IoT, global mesh networks, and for applications relating to artificial intelligence.

Securix

Securix

SECURIX AG delivers holistic IT security solutions that are tailored to the specific challenges and requirements of your company.

Celebrus

Celebrus

Celebrus Fraud Data Platform, by D4t4 Solutions, works with existing fraud structures to augment functionality and turn fraud management into true fraud prevention.

RiskOptics

RiskOptics

RiskOptics (formerly Reciprocity) equips organizations with one of the most intuitive and powerful information security and cyber risk management solutions in the market.

Avalon Cyber

Avalon Cyber

Arm your organization in the fight against cyberattacks by partnering with the experts at Avalon Cyber.

Certcube Labs

Certcube Labs

Certcube Labs provide a broad range of services in the areas of Assessments, Development, Risk Advisory, Blockchain, Forensics Investigations, Managed Security Solutions, and IT Security Trainings.