As our financial markets continue to evolve and develop, so do the cyber security risks, driven by cyber criminals. Staying even a step ahead has proven somewhat challenging for many firms operating in the global financial markets as the total costs of cyber security spending are set to reach $76.9 billion by the end of 2015. This however, is a small cost to pay, relatively, as many firms face average costs of $3 million to $5 million for each data breach they experience.
Archaic and dilapidated IT systems are to blame for a significant number of security breaches. A number of factors have caused this, including the information gap between IT technicians with understanding of old systems have retired, making it somewhat challenging for new IT technicians to understand how to make such systems operate effectively and harmoniously with the new systems, without leaving financial firms vulnerable to security breaches. The likes of Royal Bank of Scotland have seen the consequences of the difficulty that is experienced with trying to achieve this as they were fined £56 million for an IT meltdown in 2014.
Further to this, is the greater transfer of information to the digital space. Cost-cutting measures and attempts to remain versatile in a digital age have led many firms to close branches and make more of their services available online. While such actions can be seen as proactive, adapting to the changing consumer sentiment, they bring multiple consequences in the form of more pathways for hackers to exploit. These vulnerabilities are made ever more attractive by the incapability of many firms to develop effective response plans to breaches of security. This is exemplified by a survey, which found that it took many firms an average of 229 days to discover breaches.
The consequences and extent of these breaches cannot be ignored. 81 per cent of large organisations and 60 per cent of small businesses have been subject to data breaches involving unauthorised access to customer details and trading information.
In spite of these rather negative implications, financial firms should still be commended for the many steps they have made to strengthen their defences against security breaches. Blackrock for example, continues to implement ring fencing techniques to minimise the risks of the different partitions of their information being stolen. The impetus for biometric technology is being provided by other industry leaders such as Bank of America and Royal Bank of Scotland who seem to have placed considerable importance on the implementation of biometrics to their security systems.
Ironically, there are some risks that arise from attempts to curb the increase in cyber security threats. Fingerprint security for example, can be undermined through complex cloning techniques. Unlike a password, new fingerprints cannot be made to avoid further breaches by a hacker who has the fingerprint information. Further to this, insufficient training makes it harder for new security measures by financial firms to be fully effective.
It seems as though the true key to success against cyber criminals will be found through greater intervention from regulators and greater collaboration between financial firms. US financial regulators are steps ahead of their UK counterparts, with stronger reporting requirements and consequences for firms with weak security systems. However, new European regulations set to take effect in 2017 and the UK government’s actions to increase data sharing between software applications of banks could be the remedies that set the precedence for increased responsibility at among firms and reductions in the transfer of sensitive data to third party operators.
The global economy suffers from losses of as much as $400 billion a year as a result of online crime. What is more alarming is the reputational costs that can be incurred from such crimes. Unlike monetary costs, reputational costs are not so easily recoverable. Decades of trust established by many financial firms could easily be shattered if regulators and financial firms do not hasten their steps. As one considers the reputational risks of these security breaches, it becomes ever clearer how insignificant the short-term costs of cyber security are compared to the long term costs.
Breakfast Briefing: Big Tech Lobbying, Ethereum Games & China
Big Tech Steps Up Lobbying Big tech companies are lobbying the White House to increase their influence in Washington. Amazon,...
How Large an Issue Is Corruption in South Africa?
Talking to 170 South African business leaders, 24 (14.3%) considered corruption to be the number one obstacle for doing business...
China’s Race to Become an AI Super Power
Over sixty years ago, in what is today southern Kazakhstan, the Soviet Union launched the world’s first artificial satellite into Earth’s...
Life at Mogul: Episode 9
This week, our BizDev analysts Cem and Chris discuss what they have in store for The Market Mogul community and...