Financial Services Firms Stare into the Abyss as Data Breaches Rocket

BN-IR898_0602ma_J_20150601171209.jpg

According to a Freedom of Information request by Egress Software Technologies, the UK Information Commissioner’s Office notched up 791 breaches in this sector between 2012 and 2014, including 585 in 2014 alone. 

The company has clarified that not all of these were security-related - the figure for data security issues was 158. Institutions reporting breaches in these years included Barclays, HSBC, Lloyds Banking Group, NatWest, Nationwide and Santander.
Egress chief executive Tony Pepper said: “Today’s report casts some major concerns over the mistakes they’re making with the information entrusted to them, whether that be citizens’ personal details or highly confidential reports about the economic future of the country.
“It is staggering to see financial services firms reporting more than three times the number of incidents than the legal sector, which has recently come under fire from the ICO.
“It is interesting to note that the monetary penalties issued by the ICO to this sector have historically been so low.”

Pepper said the rise in breaches should be triggering alarm bells everywhere, as once the EU General Data Protection Regulation - still making its long, slow path through the Brussels machine - is passed, the sector could face meltdown.
Under the new laws, far more severe penalties could be levied against miscreants than are currently being dished out by the UK regulator.
DataIQ: http://bit.ly/1T0wbLb

 

« PwC says UK Security Breaches Often Not Reported
WhiteHat Security: Majority of Websites Are Vulnerable to Data Thieves »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Conscio Technologies

Conscio Technologies

Conscio Technologies is a specialist in IT security awareness. Our solutions allow you to easily manage innovative online IT awareness campaigns.

Superscript

Superscript

Superscript (formerly Digital Risks) is an insurance broker for small businesses, sole-traders, landlords and high-growth tech firms. Our services include Cyber Liability insurance.

Security Audit Systems

Security Audit Systems

Security Audit Systems is a website security specialist providing website security audits and managed web security services.

UPX Technologies

UPX Technologies

UPX Technologies is one of the largest digital security centers in Brazil providing full protection for data, networks and content.

Cybersecurity Defense Initiative (CDI) - University of Arkansas

Cybersecurity Defense Initiative (CDI) - University of Arkansas

The Cybersecurity Defense Initiative is a national cybersecurity training program, developed for technical personnel and managers who monitor and protect our nation's critical cyber infrastructures.

Clario Tech

Clario Tech

Clario is a simple, comprehensive, personalized protection app. It comes with a full suite of intelligent security software and intelligent people to help you live a better, safer digital life.

Evalian

Evalian

Evalian is a data protection services provider. Working with organisations of all sizes, we specialise in Data Protection, GDPR, ISO Certification & Information Security.

Havoc Shield

Havoc Shield

Havoc Shield is an all-in-one information security platform that includes everything a growing team needs to secure their remote workforce.

Profian

Profian

Profian’s hardware-based solutions maintain your data's confidentiality and integrity in use, providing true confidential computing to meet regulatory and audit requirements.

Istari

Istari

ISTARI is a new kind of cyber risk management company. We’re an agile collective of best-in-class capabilities and experts, who build ongoing partnerships with clients.

Troye Computer Systems

Troye Computer Systems

Troye provide a complete range of digital workspace solutions that empower people to do their very best work in a safe and secure manner anywhere, anytime, using any device.

M.Tech

M.Tech

M.Tech is a leading cyber security and network performance solutions provider. We work with leading vendors to bring optimal solutions to the market through a channel of reseller partners.

EkoCyber

EkoCyber

EkoCyber partner with businesses as a value-added MSSP to provide top-tier, trusted and transparent cyber security services at an affordable price point.

Catalyst Campus For Technology & Innovation

Catalyst Campus For Technology & Innovation

Catalyst Campus is a collaborative ecosystem to create community, spark innovation and stimulate business growth.

Apex

Apex

We aspire to make the AI revolution run faster, securely, for the benefit of all. We are purposely built for the new AI era and are creating capabilities to safely enable AI.

Bridgenet Solutions

Bridgenet Solutions

Bridgenet specialises as a top-notch Information and Technology Solutions Provider for businesses.