Less than a quarter of banking executives are confident their organization can detect breaches, despite the public having far more confidence in the cybersecurity resilience of financial institutions, according to Capgemini.
The global consultancy’s Digital Transformation Institute polled 7600 consumers in the UK, US, France, Germany, India, the Netherlands, Spain and Sweden on data protection and security issues. It then spoke to 183 senior data privacy and security professionals in the UK, US, France, Germany, India and Spain to hear their views.
While just 21% of lenders believed their systems were good enough to spot a breach, 83% of consumers said they trusted their bank and their insurance company.
That figure is in stark contrast to levels of consumer trust in the e-commerce (28%), telco (13%) and retail (13%) sectors.
The vast majority of consumers (65%) rightly think data security and privacy are important factors in choosing who they bank with, but they appear to trust banks and insurers more than other organizations without evidence to back up their standpoint.
This is exemplified by the fact that while a quarter of banks reported being a breach victim, just 3% of consumers said they thought their bank had been breached.
This lack of transparency is set to change in 2018 with the introduction of new European data protection laws (GDPR) which will mandate 72-hour breach notifications.
“When GDPR is introduced and all breaches are likely to be made public soon after they occur, many people will be in for a surprise,” said Zhiwei Jiang, Capgemini global head of financial services, insights & data.
“The introduction of GDPR legislation next year is a prime opportunity for business transformation for banks and insurers to become the digital fortresses consumers believe them to be.”
Richard Brown, director of EMEA channels & alliances at Arbor Networks, explained that financial services firms are particularly at risk from hackers due to the sensitive data they hold.
“To combat this evolving threat, organizations should foster a collaborative cybersecurity environment by sharing threat intelligence to create a far more accurate and actionable view of the threat landscape,” he added.
“Such an approach enables organizations to take a proactive stance and make predictive responses, rather than waiting to be attacked. This is especially true for financial services organizations who typically have a very large attack surface due to rapidly developing business environment.”