With the General Data Protection Regulation (GDPR) coming into force on 25 May 2018, there is an increased urgency for financial services businesses to improve the way data is managed and secured.
However, new research from managed services provider Claranet has found that many companies are still not managing their data as well as they could.
The research, which was conducted by Vanson Bourne who surveyed 750 IT decision-makers for Claranet’s Beyond Digital Transformation research report, identified that security is an area that many are struggling with. Worryingly, 69 per cent of respondents stated that they were not able to secure customer data effectively, with almost half (45 per cent) encountering challenges around securing customer details when trying to improve the digital user experience for customers. This points to a distinct lack of capability when it comes to managing security in a reliable manner.
Alongside this, the research found that IT teams are struggling to acquire the skills and expertise that are necessary in addressing this disparity. Almost six in ten (57 per cent) identified security as one of the biggest challenges facing their organisation’s IT department, the most-commonly-cited challenge by some margin, and 63 per cent state that their security procedures and requirements hold back their ability to innovate. This comes despite the intense scrutiny already placed on the financial services industry from a security perspective.
Commenting on the findings, Michel Robert, Claranet’s UK Managing Director, says: “There can be little doubt that data security is the most pressing issue facing financial businesses today and that sound security practices are the foundation on which these organisations are built, but our research confirms this is an area in which most financial institutions are failing. The GDPR is on our doorstep, but it is clear that many organisations have their work cut out if they are to comply with the regulation. Thinking more broadly, the fact that almost seven in ten organisations can’t guarantee the security of their customer data is particularly concerning.”
“Part of the problem derives from the fact that most internal IT teams don’t have the skills, expertise or the time to keep up with the rapidly changing threat landscape as it’s not their core area of focus. Our research has shown that organisations are very much aware of this problem, but also that they are still some way away from solving it.
To address these shortcomings, businesses are set to ramp up their investments in IT security. According to the findings, 55 per cent of businesses in financial services are expecting to increase their IT budget across the entire organisation by at least 5 per cent next year. This is an encouraging sign, but organisations need to find a way of tackling these security concerns in a way that is both quick and effective.
Robert says: “This focus on heavier investment in security bodes well for the future, and the fact that businesses are aware of where they are deficient means that they have the right mindset in place.
“However, it’s important to recognise that much still needs be done in terms of increasing cybersecurity capabilities at a pace rapid enough to ensure GDPR readiness and overall preparedness. Businesses are aware of the challenges they face, but the current level of available expertise can hold back initiatives. By working with expert third parties, businesses can rapidly gain an extra layer of cybersecurity expertise, identify vulnerabilities and define priorities for improvement.”