In recent years, industries across the board have seen a major increase in data breach cases. Increased reliance on digital data have had a significant impact on the growing prevalence of cybercrime in the modern age. In this post, Steve Thomas, Finance and Project Based Accounting Expert at The Access Group, takes a look at cyber security within the financial services sector, and the potential costs businesses could face.
Data stored by any company is of critical importance for both employees and clients, ranging from confidential client information and emails, to orders and payment details. Loss of data can, therefore, result in significant negative repercussions for businesses of all sizes, and this can lead to business failure in some cases. Research shows that 60% of businesses closed operations within the six months following a cyber attack, and attacks of this type are particularly deadly to small and medium-sized businesses.
Security breaches are a major problem within the financial sector – mainly due to the sensitive nature of the data being stored – making all businesses in the sector susceptible to such criminal activity. Cyber attacks within this industry often involve attackers targeting backing systems and client accounts. The sensitive and confidential nature of this information means that a data breach can lead to catastrophic consequences for SMEs working in financial services.
This subject has gained significant traction within the last year. Data breaches reported by financial services firms to the Financial Conduct Authority (FCA) increased by 480% in 2018, with insurers, investment managers, pension and savings advisors seeing an increase in the number of data breach reports.
Research shows that investment banks are more likely to be targeted as victims of a data breach due to the common belief held by cyber criminals that their systems are less sophisticated than that of a retail bank.
2018 also saw a significant increase in reports of data breaches from insurers, consumer retail lending and retail investments, and figures show that British bank customers lost over £500m to financial fraud in just one recent six-month period.
The repercussions of a data breach in financial industries can be fatal. In a recent report published by the government’s Cyber Streetwise campaign and KPMG, 89% of SME victims disclosed that attacks impacted upon their reputation whilst 30% reported a loss of clients.
How can businesses be protected?
Cyber attacks are becoming increasingly sophisticated over time and security breaches continue to plague financial services, with 145 cases reported in 2018 alone. Although no business can completely protect itself from a data breach, certain strategies can be implemented to help prevent cybercrime from occurring.
For financial directors, it is vital to ensure that clients and staff are frequently informed about the risks of cybercrime, such as phishing attacks, password hacking and malware and viruses. Encouraging staff to question suspicious requests and ensure that all attacks are reported will help in preventing cyber attacks in the future.
The National Cyber Security Centre (NCSC) has produced a guide for SMEs which offers actionable advice and tips on a range of topics such as:
- Configuring accounts to reduce the impact of successful attacks
- Checking for obvious signs of phishing
- Reporting all attacks
- Keeping up to date with attackers
Damages and repercussions of cyber attacks in this industry
Currently, the average cost for businesses that have lost data or assets after a breach is £22,700 according to the latest Cyber Security Breaches Survey by the Government’s Department for Digital, Culture, Media and Sport. For an SME, a loss of this amount could be extremely damaging to the business. Attacks of this type do not only affect the financial side of things, but these attacks subsequently impact business reputation, growth, and customer confidence.
The NCSC suggests that there’s around a 1 in 2 chance that SMEs will experience a security breach at some point. Therefore it is imperative that small businesses employ the correct security measurements in order to prevent an attack of this scale. By actively eliminating the risk of a security breach, thousands of pounds could be saved and invested back into the business.
£22,700 is a lot of money and could fund various assets such as 63 new Dell business desktop computers, 137 new office desks or even 19 years worth of cybersecurity protection. One thing is for sure, the costs of cyber security breaches can be substantial.
What would you spend £22,700 on?