Wherever money goes, hackers are sure to follow. That logic held true in a recent survey conducted by PricewaterhouseCoopers (PwC), which showed cybercrime placing a significant strain on the global financial sector.
"The rise in cybercrime is not so surprising given the sector holds large volumes of the type of data cybercriminals are interested in and there is an established underground economy servicing the needs of the market for stolen and compromised data," explained PwC forensic services partner Andrew Clark. "However, our survey shows cybercrime accounts for a much greater proportion of economic crime in the [financial services] sector than in other industries."
According to PwC research, cybercrime is now the second most commonly reported economic crime affecting financial services firms. Only asset misappropriation, such as rogue trading and embezzlement, was deemed a more serious risk by responding companies. In fact, the report found that cybercrime was responsible for 38 percent of all economic crimes observed in the financial sector, compared to the average rate of 16 percent seen across all other industries.
Nearly half of all responding companies from the financial sector fell victim to fraud in the past 12 months, reflecting a marked increase from the 30 percent cross-industry average. These figures are not surprising considering the value of the assets held by financial institutions, but there are a number of ongoing developments contributing to the rise of cybercrime seen in recent months.
Once again, the perceived level of data security risk was highest among respondents in the financial sector, reflecting a growing awareness of the unique threats posed by mobile banking services and applications. According to market research from comScore, mobile banking gained significant traction in 2011, as institutions catered to the evolving demands of the customers with an array of new applications.
"There continues to be areas of opportunity for increasing consumer engagement across both fixed Internet and mobile platforms," explained comScore executive Sarah Lenart. "Financial institutions who want to ensure they are meeting their customers' needs must continue to expand and refine digital marketing strategies in 2012 to increase penetration and engagement."
But as market demands push banks into the era of mobility, few are truly equipped to address the widespread and complex data protection challenges. According to PwC analysts, just 18 percent of responding institutions met established criteria for sound cybercrime incident response strategies. This is especially concerning in an era when hackers need only a few moments to infiltrate a network, pilfer sensitive corporate or consumer data and leave without a trace.
"Overall responsibility for managing cybercrime risks rests with senior management," report authors concluded. "It is therefore essential that senior management understand the potential risks and opportunities the cyber world can present and ensure that there is clear accountability and responsibility for dealing with these risks and opportunities."
There was some evidence to suggest that executive awareness is on the rise. As IT teams and compliance officers do a better job of communicating the business implications of data security frailties, more than half of responding financial professionals built the link between digital threats and operational consequences by citing reputational damage as a leading concern.
In a related interview with the Wall Street Journal, PwC cybersecurity services director William Beer noted that companies with a chief security officer or comparable role in their organizational structure stand a much better chance of withstanding and resolving data breaches. By having an advocate for digital data protection in the boardroom and a visible senior officer capable of setting the tone in the workplace, firms can ensure departments are adequately funded and employees are complying with established best practices.
Data Security News from SimplySecurity.com by Trend Micro