Digital transformation ‘increases security risk’
Written by Peter Walker
Digital transformation is driving turmoil among financial services organisations and leaving sensitive data at risk, according to the 2018 Thales Data Threat Report.
The security firm’s analysis suggested that the industry has hastily entered the digital transformation era, but this is not balanced with appropriate security measures. Almost two thirds (65 per cent) of financial services firms have now suffered a data breach, with 28 per cent having suffered a breach in the past year.
While new technologies - including cloud, mobile payments, blockchain, the Internet of Things (IoT), machine learning and artificial intelligence - help meet increased consumer and business demands for improved services and experience, Thales argued that the industry opens itself up to new avenues for attacks and breaches.
Cloud usage with sensitive data is especially high in the financial services industry at 76 per cent, with multiple cloud usage is also high with 60 per cent of organisations using more than 25 software as a service applications.
But security spending is up but not aligning with the new risks, according to Thales. While 78 per cent of firms reported a spending increase on IT security, they are not spending in the right areas. The majority (72 per cent) of IT security professionals acknowledge data-at-rest defences are most effective at protecting data, but only 38 per cent registered a spending increase for those specific tools.
Garrett Bekker, principal analyst for information security at 451 Research, said there is a “Groundhog Day phenomenon” where the times have changed, but security strategies have not.
“Organisations need to change how they protect their data. With increasingly porous networks and expanding use of external resources (SaaS, PaaS and IaaS most especially), traditional endpoint and network security are no longer sufficient safeguards,” he added.
Peter Galvin, chief strategy officer at Thales eSecurity, concluded that encryption is proven to be the most effective technology to protect data, wherever it resides, as well as help meet compliance mandates.
“As new technologies such as cloud IoT and mobile payments are increasingly adopted by financial organisations looking for a competitive edge, the security risks they bring must be addressed.”