The rapid digitization of the financial services industry has brought with it a corresponding spike in security breaches from sensitive data left exposed, a new study said.
In the U.S., some 65 percent of banks have been hit with a data breach, 36 percent in just the past year, a figure that has more than doubled in the past two years, according to the 2018 Thales Data Threat Report, Financial Services Edition. The study blames insufficient security, advanced attacks and strict new regulations for causing turmoil among financial services organizations that has put data at risk.
In describing the security landscape in the financial services industry, Thales, a cybersecurity and defense solutions provider, suggested the segment is uniquely subject to security risks because key pieces of the business, such as financial data in accounts and investments and personal data on account holders, both creates and increases risk.
When new technologies that can be exploited by hackers, such as the cloud, containers, mobile payments, blockchain, the Internet of Things and artificial intelligence are figured into the mix, the industry becomes even more susceptible to attacks, Thales said.
Here are a few of the study’s highlights:
Securing data across multiple cloud deployments:
- Cloud usage with sensitive data is especially high in the financial services industry at 85%.
- Multiple cloud usage is also high with 64% of organizations using more than 25 SaaS applications and 57% using three or more IaaS vendors.
Spending security dollars where it matters most:
- About 84% of organizations report a spending increase on IT security, and 33% report a significant increase.
- The majority (88%) of IT security pros acknowledge data-at-rest defenses are most effective at protecting data, but only 58% registered a spending increase for those specific tools.
- Roughly 56% recognize encryption as the top tool required to increase cloud usage.
- 71% recognize that managing encryption keys across multi-cloud environments is a problem that needs to be solved.
“Digital transformation as well as the increased number and sophistication of attacks, all combine to leave the data belonging to financial services organizations at risk,” said Peter Galvin, chief strategy officer at Thales eSecurity. “Encryption is proven to be the most effective technology to protect data, wherever it resides, as well as help meet compliance mandates. As new technologies such as cloud IoT and mobile payments are increasingly adopted by financial organizations looking for a competitive edge, the security risks they bring must be addressed.”
In an earlier report on security in the retail industry, Thales found that 50 percent of U.S. retailers have experienced a data breach in the past 12 months, compared to 19 percent one year earlier. In another report, Thales said that U.S. federal agencies are experiencing a “perfect storm” around data that puts over 330 million citizens in danger. Findings in that research showed that 71 percent of U.S. federal agencies have experienced a data breach with 57 percent breached in the past year.
