Data breaches have risen 480% in financial services firms
The number of data breaches reported by UK financial services firms to the Financial Conduct Authority (FCA) increased 480% in 2018, to 145 up from just 25 in 2017*, shows research from RPC, the City-headquartered law firm.
Data breaches are on the rise. And, the financial services sector is an especially lucrative target; along with the personal data bulging healthcare sector.
In the financial services sector, the retail banking sector saw the largest percentage increase in the number of data breach reports, rising to 25 in 2018 from only one in 2017.
This should raise concerns about the number of cyber criminals targeting bank accounts. Tesco Bank, for example, was fined £16.4m by the FCA in October 2018 as a result of a cyber attack that led to £2.26m being taken from personal current accounts**.
On the other side, RPC has revealed that wholesale financial markets firms–such as investment banks–reported the most data breaches to the FCA in 2018: 34 compared to just three in 2017.
An easy target?
According to the research, cybercriminals could be targeting investment banks in a belief that their security systems are less sophisticated than retail banks.
And the stakes are, potentially, a lot higher: confidential data held by investment banks on areas such as M&A can be used for insider trading. In the US, for example, the SEC is pursuing a number of insider dealing cases that relate to cyber breaches.
Other sectors within financial services that saw large increases in data breach reports include:
• Insurers — 33 in 2018, up from seven in 2017
• Consumer retail lending — 21 in 2018, up from four in 2017
• Retail investments — 11 in 2018, up from none in 2017 (see below for full breakdown)
In the research RPC explains that ‘while the data suggests that financial services businesses are suffering an increasing number of cyber attacks, these businesses are also perhaps getting better at identifying and reporting those attacks.’ (Which is a good thing!)
Reports of data breaches by financial services companies.
GDPR: a positive impact
June 2018, the first month after the introduction of the General Data Protection Regulation (GDPR), saw the highest monthly total of data breach reports, with 20 data breaches reported by financial services firms.
Richard Breavington, partner at RPC and head of their Cyber Insurance and Breach Response team, says: “Banks remain a top target for cybercriminals. The figures suggest that the banks are suffering data breaches on a frequent basis.”
“The increase in reports, however, does show that the financial services industry is now taking cyber security more seriously than ever. The financial and reputational fallout from a data breach can be serious for a business of any size. They must be ready to defend against — and respond to — breaches as efficiently as possible.”
Those reporting data breaches in financial services is on the rise.
source informationage
Industry: Cyber Security News
Latest Jobs
-
- PCI QSA needed. Discreet Opportunity | London | Client facing
- London
- N/A
-
CH08421 PCI QSA needed. Discreet Opportunity | London | Client facing. Payment Card Industry - Qualified Security Assessor - London Seeking someone looking to accelerate their career, into a variety of interesting clients / projects. Must be happy to be onsite with clients- this is not a fully remote role. You must currently hold a valid CISSP or CISM or ISO27001 lead implementer certification AND one of the following; CISA, GSNA, iso27001 lead Auditor, CIA or IRCA ISMS auditor+ Visa sponsorship not available. Apply today for more information chris.holt@dclsearch.com Use this whatapp link to reach out https://wa.me/message/6USF5RAQBOZIP1
-
- Network / Security Infrastructure Engineer | West London | Permanent
- London
- N/A
-
Network / Security Infrastructure Engineer | West London | Current Config, Install, upgrade experience On prem / Datacetner experience essential. Hands on experience MUST include: Routing, Switching, Network Security (firewall, IDS etc), Microsoft exchange / Exchange 365. Scripting / automation experience wanted. Python, Powershell etc Regular travel to West London is required. Visa sponsorship not available. Apply today for more information chris.holt@dclsearch.com Use this whatapp link to reach out https://wa.me/message/6USF5RAQBOZIP1
-
- Security Operations / information Security Analyst / Engineer. London
- London
- N/A
-
Security Operations / information Security Analyst / Engineer needed for a London opportunity. A technical hands on role to investigate, escalate and proactively work to protect a globally recognised brand. Someone with SOC Analyst / security engineering background would be well suited. This position will join a small team and would suit someone that has broad experience across the security threat landscape. Experience / knowledge across industry GRC standards such NIST, ISO27001 etc very advantageous and a priority. You will work across multiple teams proactively working to secure the business. Must be able to commute to Central London 3 days a week. Visa sponsorship not available Apply today to find out more.
-
- Security Cleared Penetration Tester: United Kindom
- N/A
- N/A
-
Security Cleared Penetration Tester Deliver technical Penetration tests to the NCSC CHECK standard. Active CHECK Member or Leader status desirable either in Web Application or Infrastructure. Reach out to find out more. Whatsapp directly here https://wa.me/message/6USF5RAQBOZIP1 Or apply today