Financial firms 'prone to lax cyber security practices'

A third of financial organisations discovered sensitive or regulated customer data outside of designated secure locations in the past 12 months, according to new research finding that financial services firms are prone to a range of insufficient cyber security controls that make them vulnerable to escalating cyber threats.

Netwrix surveyed 102 financial organisations, revealing that 40 per cent of respondents admitted that in the last year, while their IT teams granted direct access to sensitive data based solely on a user’s request.

On top of that, IT teams are overloaded with addressing data subject access requests (SARs) as a part of General Data Protection Regulation (GDPR) compliance, since 73 per cent of respondents report that DSARs put significant or moderate pressure on IT staff.

The research also showed that 70 per cent of unauthorised data sharing incidents led to data compromise, while 32 per cent of financial organisations have experienced a surge in SARs.

Meanwhile, 44 per cent of chief information security officers or chief information officers did not have or did not know whether they had key performance indicators to report on IT security and cyber risk.

“As the COVID-19 pandemic accelerates the rise of digital payments, financial organisations are generating more and more data, which makes the sector a tempting target for cyber criminals," said Ilia Sotnikov, vice president of product management at Netwrix.

"Poor access management practices and lack of control over sensitive data make the sector vulnerable to these increasing threats - organisations need to mitigate security risks by deploying technologies that enable them to regularly review and correct access permissions as well as to automatically discover their sensitive data enterprise-wide regardless of where it is located, and to move it to a secured storage."

    Share Story:

Recent Stories

The Rise of Instant Payments
Instant payments are creating new business opportunities for banks by providing more touchpoints than ever. With these evolutions underway, Featurespace brought leading industry experts together to discuss how they are protecting customers from fraudsters in real time, utilizing innovative and disruptive solutions to reduce fraud. Click here to find out more.

Offloading Cyber Risk in the Cloud
As cyber attacks and data breaches are in the news on an increasingly regular basis - with regulatory penalties and customer trust on the line for financial services firms - it has never been more crucial to be compliant in the cloud.

This video, with Akamai’s EMEA director of security technology and strategy Richard Meeus, will help explain what your company can be doing to make sure it’s not embroiled in the next big fine or front-page scandal.