Connect with us

Wealth Management

KEEPING DATA IN THE VAULT: INSIDER BREACH RISK IN FINANCIAL SERVICES

by Tony Pepper, CEO. Egress

 

Financial services organisations are trusted with far more than just money; they are also responsible for keeping customers’ highly sensitive personal and financial data under lock and key. We’re hyper-aware that the growing value of this data means financial organisations are prime targets for malicious cyberattacks – but this isn’t the only threat they face. In fact, not a day passes without these firms’ own employees putting data at risk from within.

You might think that, when it comes to reducing overall breach risk, employees represent low-hanging fruit – surely it is easier to control the actions of a company’s own team members than it is to defend against external attackers? However, this not the reality experienced by financial firms worldwide. While external attackers are always motivated by malicious intent, the employee population is far more heterogenous and, in a sense, much more human. This makes understanding and mitigating insider risk a more nuanced exercise. Just because it is difficult, however, doesn’t mean it is impossible. It’s crucial that financial services companies shift the dial on insider risk and reduce breach frequency, because the penalties for failing to do so are becoming increasingly draconian and the repercussions from customers much more severe.

The recent Egress Insider Breach Survey aimed to understand the different attitudes towards data sharing and ownership among employees in financial services companies and the approaches that IT leaders in the sector are taking to managing insider breach risk.

We found a whole range of diverse profiles of people who put sensitive financial data at risk for very different, but very human, reasons. Some need monitoring to keep their less-than-honest traits from getting the better of them, while others need a helping hand to save them from making genuine, well-meaning mistakes. And across all respondents, we also found confusion over who really owns data, contributing to the more cavalier attitudes displayed by some.

 

Deliberate “data breachers” – from well-intentioned but reckless to disaffected and destructive

Our study found that the financial services sector has more than its fair share of deliberate “data breachers”. Of the thousand employees we questioned, almost a third (32%) said they or a colleague had intentionally broken company policy when sharing or removing information in the past year. This compares with just 15% of healthcare workers and 11% of government sector employees.

The reasons given for this deliberate flouting of security policy varied. One-third said they were simply trying to get their job done but didn’t have the appropriate tools to share data safely. On the face of it we might have some sympathy with those employees, but would consumers and businesses want to bank with those firms?

It’s more difficult to be sympathetic with those motivated by self-gain, including the 41% who took data with them because they were moving to a new job. And we have even less sympathy for the 15% who compromised data because they were angry with the company and wanted to deliberately cause harm.

 

Operator error – mobile, tired, under pressure

Even with their firm’s best interests at heart, employees still make mistakes. 30% of financial sector workers said they or a colleague had caused an accidental data breach in the past year – again more than twice as many as their public sector counterparts. A third had sent an email to the wrong person and a further third had clicked on a link in a phishing email.

Their reasons behind these breaches varied from the pressure of working in a stressful environment, to tiredness and rushing. A significant proportion, however, said they made an error due to using a mobile device – and given the current requirement for mobile remote working during this COVID-19 pandemic, this is a definite cause for concern.

 

Breach detection gaps and technology limitations

Next, we examined what IT leaders in the sector have in place to mitigate insider breach risk. Concerningly, 60% said the most likely way they would discover an insider data breach was via internal hand-raiser reporting by either the employee themselves or a colleague. Only one third felt that their breach detection systems would pick up the issue.

In a similar vein, traditional data protection technology use was surprisingly inconsistent across financial firms. Email encryption, anti-malware and secure collaboration software were in use by fewer than half of financial sector companies. Again, raising the question whether consumers and businesses would be willing to trust their data to financial firms if they knew they didn’t have systems in place to protect it.

So, why is this the case? From the data we uncovered, it seems as though organisations are resigned to a proportion of insider breach incidents occurring, accepting them as an inevitable result of doing business and employing people. But this doesn’t need to be the case. It is possible to apply human layer security solutions to mitigate these risk factors and make a positive impact on breach frequency figures.

 

Human layer security – a helping hand and a watchful eye

Take the issue of rushing or tiredness. This can lead to users adding the wrong recipients to emails or failing to spot the subtle changes in familiar email addresses that denote targeted phishing attempts. This risk can be overcome with tools that use contextual machine learning to analyse what the good security behaviour looks like for each user and support them with alerts that tell them they’ve added an unusual recipient to an email, or that they are about to answer a phishing email. A small prompt is all these users need to stop them from making an error and causing a data breach.

Similarly, when using mobile devices with smaller screens, it is very easy to choose the wrong attachment and send sensitive data outside the organisation to the wrong recipient or to the right person unprotected. If an employee is less than honest, our always-on, constantly connected culture also enables them to deliberately do so too. However, it is possible to stop these incidents with an intelligent solution that scans email and attachment content and identifies data such as personally identifiable information (PII) or bank account details to alert users that they are about to send information to an unauthorised recipient, or without the correct level of encryption applied. If the user persists, the risky email can be blocked from being sent and administrators alerted to a potentially intentional attempt to breach data, so they can respond accordingly.

Ultimately, the most effective way to address human-activated threats to security is by implementing tools that support and manage users when they are at their most humanly vulnerable; tired, rushing, under pressure, angry or self-interested. As our research and wider evidence shows, the financial services sector is more than averagely vulnerable to insider data breaches, meaning human layer security must be a priority for IT leaders in the field if they hope to reduce breach frequency and keep sensitive data firmly in the vault.

 

Wealth Management

ONLINE STOCK BROKERS ARE BENEFITING IN 2020

2020 has changed our lives in dramatic ways. Thanks to COVID-19, many of us now work from home. Rather than go to the doctor’s office, some have embraced telehealth apps. And instead of seeing brokers in the flesh, many have opted to sign up for online brokerages.

Before COVID forced us into quarantine, we were hesitant to do their investing online. But, with in-person meetings no longer possible, we’ve finally seen how convenient it is. This trend has been a boon for online stock brokerages. Questtrade added 50,000 new accounts in Q1 2020. Robinhood, a popular American trading app, saw three million new members join in the first four months of 2020.

Is online trading here to stay? Is it in the best interest of investors to engage with these services without first consulting a professional? We’ll examine these issues in today’s article.

 

Business Has Been Booming For Online Brokerages

As lockdowns forced millions of Americans into their homes, boredom quickly set in. Sports leagues around the world had suspended play, so that was out. While some theatre chains streamed movies online, new releases were few and far between. And land-based casinos were locked up tight.

At first, we watched every show in our Netflix queue. We even stumbled across the spectacle that was “Tiger King.” And then, in April, a little gift landed in the bank account of hundreds of millions of Americans.

It was the federal Coronavirus benefit. Approved by Congress in March 2020, the IRS began to send checks worth as much as $1,200 to eligible Americans. As of June 2020, the government has sent more than 159 million checks.

For some, this massive injection of capital went straight to rent, bills, and other necessities. But, for those lucky enough to have a stable income, this windfall became seed money for the stock market. At first glance, putting capital into the S&P or the Dow Jones during the COVID crash seemed suicidal.

But, as losses slowed, the media played up the massive correction as the best buying opportunity since the Great Recession. Treasury Secretary Steve Mnuchin concurred, saying the Coronavirus selloff would be short-lived.

And so, millions of Americans, many of whom had nothing but time, plunged their $1,200 extra dollars into the stock market. With in-person brokerages shuttered, people flocked en masse to services like Questtrade and Robinhood.

 

Robinhood: A Major Factor In The COVID Crash Recovery?

As we already mentioned, more than three million new investors have signed up with Robinhood since the pandemic started. This app, which got its start back in 2013, has long had a cult following among Millennials for making investing cheaper and more straightforward.
Then, the COVID crisis introduced millions more to this stock trading app. At first, Robinhood creaked and groaned under the strain. In early March, when COVID-related market swings began, the app crashed several times.

As the company adjusted to the new loads, though, their user base surged. By the end of March, they had ten million users. Then, as stocks sat 40% off their all-time highs, these new app users began scooping up the “bargains.”

To be sure, some stocks got oversold during panic selling in March. However, given the new realities of our COVID-infected world, these novice investors made some “curious” picks. Consider the case of Delta Air Lines (DAL). Of all industries affected by COVID, the virus has hammered travel the worst.

Now, few Robinhood users held DAL before March 2020. Yet, after Delta’s stock lost more than half its value, Robinhooders bought up hundreds of thousands of shares. DAL has since rallied 50% to around $30/share since hitting its 52-week low. Even though, for the foreseeable future, international travel won’t be a thing.

We see a similar trend emerging with publicly-traded travel/travel-adjacent companies like Boeing, Hertz, and MGM. Despite the bleak future these companies face, Robinhood investors are piling in. Perhaps they think things will go back to normal soon, pushing prices 2-3x higher, thereby making them piles of cash.

But, if any of these companies go bankrupt, they’ll be in for a rude awakening.

 

Will Interest In Online Trading Endure Post-COVID?

Currently, new Robinhooders and other novice investors have heavily chummed the market’s waters. In a way, they are like children who have yet to learn that stove elements are hot. In other words, they’ll have to get burned badly to learn their lesson.
In particular, most don’t realize that bankruptcy proceedings seldom favor retail investors. On the other side, these shareholders get next-to-nothing – if anything at all. As of June 2020, this reckoning hasn’t happened yet. Stocks are currently trading around 10% below their post-COVID high, but well above 52-week lows.

When the next big plunge does happen, though, loads of over-leveraged Robinhooders/newbies will get flushed. If anything, we’re deeply concerned – according to a recent Yahoo Finance report, 20-year-old Alexander Kearns got cleaned out on a bad trade he made earlier this month.

His account briefly showed him $700,000 in the red, which later reset to zero. It appears he thought he owed that amount, so he committed suicide shortly thereafter.

While not everyone will react as severely to busting their account, the coming crash will greatly reduce investment post-COVID. The current class of inexperienced investors do little (if any) research. They treat markets like a poker game. As any experienced card player knows, the money always flows to the sharks in the long run.

In our view, a small percentage of these new investors will stick around. They are the ones doing extensive research, making smart bets, and learning from their mistakes. The rest will slink away after torching thousands of dollars in life savings.

 

Prepare For Stormy Seas

If you are new to equities investing, batten down the hatches. The current market frenzy won’t last forever, as it is pumping cash into stocks with poor long-term prospects. When it all comes crashing down, many of the neophyte investors posting on /r/wallstreetbets will mysteriously vanish.

Don’t be a statistic. Do your homework, stay within your bankroll, and keep learning. Invest wisely – 2020 still has plenty of tricks up its sleeve!

Continue Reading

Finance

TOP TECHNOLOGY TRENDS FINANCIAL INSTITUTIONS SHOULD INVEST IN TO BRIDGE THE GAP IN REMOTE WORK

Chirag Shah, Senior Vice President, Fintech & Innovation Lead, Publicis Sapient

 

More than ever before, technology is critical to the success of financial institutions. Over recent years, we’ve started to see fintech and incumbent tech compete, as there has been increased demand from consumers. With everyone having to operate remotely due to COVID-19, the customer needs, and therefore, the companies’ urgency to act quickly, have been accelerated.

Banks and financial institutions must show their ability to develop new customer friendly innovations that can help connect data and high-end digital delivery. Here are some innovative technology trends that will help navigate the disruption.

 

Cybersecurity

Since the onset of the pandemic, cyberattacks have rapidly increased. People are extensively utilizing online platforms for their professional and personal needs. Often times they are using their personal devices, rapidly shifting transaction patterns and with limited control on access privileges it has put an enormous stress on security controls.

Given the distributed nature of work is something we will continue to face in the near term, organizations will need to focus on security measures across infrastructure, product and people. There are several recommendations to get in front of cyber-attacks:

  • Building robust resilient products
  • Instituting stronger access privileges across application, data and network stacks
  • Patching hardware and software with the latest security updates
  • Building cloud native products which have inherent tighter security controls

 

Resiliency

Since March, we have been forced to accelerate the pace for innovation around technology themes such as application modernization and rationalization. Companies have to transform digitally so they can scale up digital products and services and they need to migrate legacy technologies onto modern platforms.

Critical financial service platforms such as brokerage trading, commercial lending, customer analytics and call-center operations are being modernized with latest technologies that are virtual, scalable and federated. The impact around how these components react and work with each other in the scenarios of highly volatile environments is unknown. Recent troubles have shined a light on the vulnerability of critical platforms and the necessity for new tools and processes that ensure they will stay competitive. Ensuring modern distributed applications work, with mainframe like reliability and cloud like scalability, is Resiliency.

 

Low Code No Code Platforms 

Digitization driven by recent events will need enough acceleration to support customer’s behavioral transformation. Low Code No Code platforms will thus emerge as a winner as it enables a rapid turnaround in designing and building applications with minimal hand coding and delivering value in an agile and reliable manner.

According to Gartner, “by 2024, three-quarters of large enterprises will be using at least four low-code development tools for both IT application development and citizen development initiatives. By 2024, low-code application development will be responsible for more than 65% of application development activity.”

 

Data’s new defined purpose

Democratization of data will be a key initiative within every financial service client particularly if they want to restructure their products and make them digitally available to customer; increased customer activities across digital channels has created massive datasets.

Gathering critical information sets relevant to the business and customers will democratize data. Three strategies which will help financial service organizations be more data-driven:

  • Proliferations across these massive data sets produced by customers and other channels will define new rules and expectations to create a customer 360 view.
  • Adopting and implementing the new Data privacy, Data governance and Data practices.
  • Data driven decision making through visual analytics and data story telling.

We are now starting to see that alternate data sources are being leveraged, in the Investment Research processes, in order to track retail sales.

 

Artificial Intelligence

Banks are starting to invest more in leveraging AI models to help prevent credit loss. Post COVID-19, banks are unable to identify who is creditworthy. Credit reports are unable to accurately reflect where borrowers have deferred making payments to lenders across multiple months. AI can be leveraged to better service banks to identify potentially delinquent clientele. Based on customer profile, banks will have to react appropriately:

  • New customer acquisition – Suppress marketing to increased risk customers, as pre-approved customers may have lost their buying power, which isn’t reflected in the credit reports
  • Pre-delinquent customers – Early warning and early intervention to identify struggling customers
  • Post-delinquent customers – Identify and suggest hardship programs to help reduce risk for customers that might have lost their jobs or being furloughed

Remote working has proved challenging for front office workers and their typical access to information flow. Chatbot usage is rapidly increasing as they use natural language processing to connect into multiple underlying systems in order to provide a one stop shop for all information to the investment professional (IP) leveraging collaboration tools like Symphony. This allows data sharing with other IPs and access to data from multiple systems at their fingertips.

Additionally, call centers are utilizing AI/chatbots to help augment the inbound calls to see if a virtual assistant is able to answer straight forward customer queries.

Banks and financial institutions no longer have the luxury of staying complacent with the legacy tech, or waiting to see what trends prove to be most effective before investing. Financial institutions need to be taking action, embracing the changes they have faced already, and the ones they have yet to encounter and they should be bullish in investing in technology that will help them disrupt competitor business models, in order to help them stay afloat during these unprecedented times.

 

Continue Reading

Magazine

Partner Events

Trending

Banking10 hours ago

NO SAFE HARBOUR FOR DIGITAL BANKING

by Konstantin Bodragin, Business Analyst and Digital Marketing Officer at Bruc Bond   At the beginning of 2020, the future...

Business10 hours ago

CAN TECHNICAL INNOVATION HELP FINANCIAL SERVICES FIGHT BACK AGAINST FINANCIAL CRIME?

By Charlie Roberts, Head of Business Development, UK, Ireland & EU at IDnow   It’s no secret that the financial...

News10 hours ago

ARE MIDDLE EAST ENTERPRISES PREPARED FOR THE FUTURE?

Deloitte releases 2020 tech trends report   Deloitte’s 11th annual report on technology trends captures the intersection of digital technologies, human...

Wealth Management23 hours ago

ONLINE STOCK BROKERS ARE BENEFITING IN 2020

2020 has changed our lives in dramatic ways. Thanks to COVID-19, many of us now work from home. Rather than...

AI AI
Finance3 days ago

COULD COVID-19 BE THE CATALYST FOR DIGITAL TRANSFORMATION IN FINANCE?

By Simon Bull, Sales Operations & Business Development Manager at Aqilla   We are all now living in a new...

Banking3 days ago

WHY OPEN BANKING SHOULD BE EVERY MARKETER’S BEST FRIEND

By Kathryn Wright, CSO, Upside   To date, Open Banking has been mainly utilised to help consumers with account switching...

Finance3 days ago

TOP TECHNOLOGY TRENDS FINANCIAL INSTITUTIONS SHOULD INVEST IN TO BRIDGE THE GAP IN REMOTE WORK

Chirag Shah, Senior Vice President, Fintech & Innovation Lead, Publicis Sapient   More than ever before, technology is critical to...

Business4 days ago

TOP 5 LINKEDIN PROFILE OPTIMIZATION HACKS FOR ASPIRING BANKERS

According to Firmex, finance professionals cannot afford to be not on LinkedIn. A significant number of organizations acquire talent in...

Wealth Management4 days ago

TAPPING INTO THE DATA GOLDMINE: THE FUTURE OF DATA-DRIVEN CREDIT MANAGEMENT

Willand Brienen, product owner at Onguard   Data, and the insights it reveals, can offer organisations a vast number of...

Finance4 days ago

ENLISTING TECHNOLOGY TO HELP FIGHT FINANCIAL CRIME

By Rachel Woolley, Director of Financial Crime Fenergo   Million-dollar properties, private jets and parties on luxury yachts with celebrity...

Banking4 days ago

TRANSFORMATION IS NON-NEGOTIABLE FOR BANKS LOOKING TO DELIVER VALUE IN A POST-PANDEMIC WORLD

Andrew Warren, Head of Banking & Financial Services, UK&I, Cognizant   In addition to responding to changing customer expectations, higher...

Business4 days ago

HOW MILLENNIALS CAN GET AHEAD WITH THEIR MONEY

Granville Turner, Director at company formation specialists, Turner Little.    Millennials are often painted as globe-trotting creatures that spend more...

STRUCTURED DATA STRUCTURED DATA
Business4 days ago

STOPPING THE CHARGEBACKLASH

By Gabe McGloin, Head of Intl. Merchant Sales @ Verifi   Brands have been encouraging consumers to move their shopping...

Business4 days ago

CONSUMERS ARE READY FOR BIOMETRIC PAYMENT CARDS

Lina Andolf-Orup, Head of Marketing at Fingerprints   We’ve come a long way in the evolution of digital payments. Magnetic...

Finance5 days ago

WHY IT PAYS TO MAKE CYBER SECURITY PART OF THE M&A DUE DILIGENCE PROCESS

Anurag Kahol, CTO at Bitglass   Mergers and acquisitions (M&As) enable business leaders to adapt fast to new opportunities. Whether...

Interviews5 days ago

GOING FOR INVESTMENT IN CENTRAL EUROPE: START-UP LIFE OUTSIDE A TRADITIONAL TECH HUB

A Q&A with Bence Jendruszak, Co-founder and COO at SEON   At what stage did you realise you were going...

Banking6 days ago

CLOUD ALLOWS BANKS TO BASK IN CHANGE

by: Elliott Limb, Chief Customer Officer at Mambu   As a new era of banking takes off, the cloud is...

Finance7 days ago

COVID-19 WILL DRIVE FINTECH ADOPTION – BUT AT WHAT COST?

By Ian Bradbury, CTO – Financial Services at Fujitsu UK   Even before the impact of Covid-19, the financial services...

Business7 days ago

HOW TECHNOLOGY IS POSITIVELY IMPACTING COMPLIANCE AND HOW IT IS HELPING TO STREAMLINE PROCESSING TIME AND COST FOR FIRMS

By Joe Woodbury, Director – Investment Management Solutions at Lawson Conner (part of IQ-EQ)   Private Equity & Real Estate...

News7 days ago

TECHCOMBANK AND COMPASS PLUS CELEBRATE 15 YEAR MILESTONE IN BANKING PARTNERSHIP

Since issuing the first Visa card 15 years ago using solutions provided by trusted partner Compass Plus, Techcombank, one of...

Trending