Access management has become a more complex and exceedingly critical aspect of financial services organization management, as hackers have had significant success breaking into systems, stealing data and perpetuating fraud in the past few years. Banks, as well as virtually any type of organization that handles financial data, will need to overhaul their security practices to ensure that they are protected from the threats that abound in the current market.
Authentication has stepped up as a feasible and immensely helpful deployment for access and identity management purposes in the financial services sector, especially because of its ability to simultaneously bolster protection while further strengthening the user experience. After all, the most common cause of data breach is user error and negligence, and this risk can be expanded when the security controls in place are not intuitive and efficient.
In fact, the Ponemon Institute found that 39 percent of all data breaches were caused by employee negligence last year, while this rate has remained consistent for a long period of time. To make matters more complicated, mobility and online banking services have increased the need for more progressive security protocols among a wide range of industries, including retail and payment processing, and the trick is to become more proactive in deployments and advancements.
The risk of breach increases
FierceCIO recently explained that new research has pegged the financial services and energy sectors as the most at-risk of experiencing a cyberterrorism event, such as a Distributed Denial of Service attack or general data breach. For obvious reasons, increasing frequency of breaches in these industries would be devastating on a global scale, as economic and social problems would quickly begin to take form as a result of these issues.
According to the news provider, one security firm released the results of a study that found nearly 75 percent of financial services organizations believe that they will be victimized by a breach within the next year, while a similar amount of energy companies have that prediction as well. This plays into one of the concerns that has become more pressing in the utilities industry, in that advanced technologies can be targeted by hackers for seriously dangerous types of attacks.
"This is not a coincidence," the researchers told FierceCIO. "Both the energy and financial services sectors are under constant pressure from attackers due to the high value assets they hold, which represents a significant risk to the U.S. economy and critical physical infrastructure. In fact, many insurance companies, even some of the world's most prestigious firms like Lloyd's of London, will not insure energy firms against cyber-attacks because of the high risk involved."
Profound problems remain
Earlier this month, CloudTweaks explained that financial services firms are not only lagging in terms of security, but also performance and operational management for IT investments. The news provider explained that 37 percent of banks do not use standardized data classification, nearly one-third do not have any type of data breach response plan in place and 22 percent do not have a form risk management strategy.
Considering the importance of planning and strategic oversight in the cybersecurity arena, these are highly disheartening figures. According to the source, 21 percent do not use roles to manage access, while another 21 percent are not proactively and effectively controlling physical access to their data storage environments.
Authentication, along with more comprehensive and proactive planning on behalf of decision-makers in the financial services sector, can begin to reduce the amount of risk faced on an everyday basis. By using the most advanced forms of access control, companies will be more resilient to breach in the future.