Banks Still Not Confident To Detect Cybersecurity Breach: Study

by CXOtoday News Desk    Feb 03, 2017


Banks and insurers enjoy a significantly higher level of trust from consumers in the cybersecurity of their systems (83%) than any other sector (with e-commerce firms at 28% and both telcos and retailers at 13%). At the same time, however, just one in five banking executives are highly confident in their ability to detect a breach, let alone defend against it. That’s according to a report by Capgemini’s Digital Transformation Institute, titled ‘The Currency of Trust: Why Banks and Insurers Must Make Customer Data Safer and More Secure’.

Mike Turner, Global Cybersecurity Chief Operating Officer at Capgemini, says: “Consumers implicitly trust banks with their money and data, but this faith is rooted in a mistaken belief their provider can be 100% secure. While banks are evolving to combat the sophisticated threat cybercriminals pose, public understanding of the threats and challenges remains low.”

The report surveyed 7,600 consumers and over 180 senior data privacy and security professionals from banking and insurance firms from eight countries (France, Germany, India, the Netherlands, Spain, Sweden, United Kingdom and United States). “When GDPR is introduced and all breaches are likely to be made public soon after they occur, many people will be in for a surprise,” says Zhiwei Jiang, Global Head of Financial Services, Insights & Data at Capgemini. “The introduction of GDPR legislation next year is a prime opportunity for business transformation for banks and insurers to become the digital fortresses consumers believe them to be.”

The study shows that India recorded highest percentage point gap indicating the extent by which customers’ perception falls short of reality of  cyber-attacks  (50% perception difference). This lack of consumer awareness can be partly explained by the fact that the concept of data privacy and protection is at a very nascent stage and no guidelines on reporting of data breaches exist. Also, eight out of 10 consumers in India would switch bank in case of a data breach.

According to the study, out of the eight countries, Indians (89%), are most willing to trade financial privacy in exchange of benefits or services. Indian millennials (48 %) also lead/top this chart of trading financial privacy in return for services.

Some of the key findings of the study include:

 Consumers See Their Trust in Banks and Insurers as Vital

The majority of consumers view trust in data privacy and security as an extremely significant factor when choosing their bank (65%). Despite the importance they attach to the security and handling of sensitive financial data, consumers appear to instinctively trust banks and insurers without strong reason. The gap in consumers’ perception and the reality is perhaps exemplified by the fact that though one in four financial institutions reported to having been victim of a hack, only 3% of consumers believe their own bank has ever been breached.

Financial Services Institutions Challenged to Secure Data

While financial institutions, particularly banks, are spending a staggering amount of money securing their systems, the number and frequency of data breaches is still rising. The evolving nature of the threat and lack of clarity among leaders perhaps explains why, despite high levels of investment, 71% of organizations do not have a balanced security strategy nor strong data privacy practices.

With GDPR on the Horizon, Public Awareness of Breaches will Rise

The General Data Protection Regulation (GDPR), European legislation due to come into effect in May 2018, will force organizations to disclose data breaches within 72 hours or face large penalties. Though an EU law, the Regulation will apply to  companies (whether EU based nor not) that process  personal data of European citizens, and is expected to affect banks and insurers in the US, UK and Asia. While compliance will be essential and is just over a year away, among executives surveyed only a third (32%) described their organization as having made strong progress in implementing the draft guidelines.

When Trust in Financial Institutions Fails, Customers Will Leave

Though many instinctively trust their banks and insurers with their data, once this trust is broken they are likely to act. Three quarters of consumers (74%) would switch their provider in the event of a data breach. Among those who would remain with their bank or insurer if their information were compromised, over a quarter say they would be cautious about further investments.