48% of fintechs’ data security is struggling to keep pace with innovation and digital transformation; a new report by Veritas Technologies has found.
In the accelerated switch to meet the ever-changing needs of a pandemic-conscious consumer, financial service organisations have been left in a state of heightened vulnerability and at an increased risk of ransomware and other data loss incidents.
As brought to light by Veritas Technologies’ Vulnerability Lag Report, this level of threat to the sector is expected to persist for another two years as organisations struggle to close the gap between the new technologies they have introduced to deal with the crisis, and the security measures required to protect them.
The Veritas Vulnerability Lag Report surveyed 2,050 IT executives from 19 countries, including 245 respondents from the financial services sector.
Unfortunately, the report has exposed the fact that companies in the financial services space were more likely to be struggling to keep pace with their security than those from most other sectors, with 48% of respondents stating that their data security was lagging behind their digital transformation deployments.
From the offset, this figure is concerning not only because the average across all industries was measured at 39%, but also because financial service providers typically handle very sensitive consumer information. The presence of this gap is therefore very concerning for people who frequently engage with these types of services, and depend on their security.
Eliminating The Vulnerability Lag
In order to close this gap in cybersecurity within the short span of 12 months, the report highlights how financial services organisations would need to spend, on average, an additional $2.61 million whilst hiring an additional 29 new members of IT staff.
This spending figure is 5% more than the average required across all sectors, which will come as disappointing news for IT leaders in the financial services sector, given the fact that they already typically spent 19% more than their peers on IT initiatives last year.
Only adding to the struggle, the report mentions how financial services companies were also less likely to have the funds required to take action against a security lag, as 43% of respondents stated that they lacked the funds to close all of their gaps, compared to 28% of energy companies and just 25% in the public sector.
Identifying the severe difference between digital acceleration and digital security, Veritas’ Director of UK Enterprise Sales David Wallace comments: “The financial services sector has undergone a huge digital acceleration in the last 18 months, but the pace of security rollouts to protect this innovation has lagged behind. As a result, there will be increased threats to vital data, especially from ransomware. Newly created backdoors will remain open to criminals, until companies within the financial services sector are able to catch up, which our data shows is expected to take two years.
“These organisations were especially stretched by the challenges of Covid, as more services moved online and new products were introduced at speed. And while, of course, they were right to prioritise continuity for customers and empowering the shift to remote working, the time has now come to redress the balance between rapid innovation and security.”
Expansion of Cloud Increases the Risk of Ransomware
82% of financial services respondents have implemented new cloud capabilities or expanded elements of their cloud infrastructure beyond their original plans because of the pandemic. It is these cloud environments that are most at risk while this vulnerability lag persists. With organisations having introduced an average of six new cloud services in the last twelve months alone, 54% of respondents said that they had gaps in their cloud protection strategy – more than any other area.
Responding to the global survey, three in five IT leaders at financial services organisations said that security risks have risen due to Covid-led digital transformation initiatives, with 44% specifying that the risk of ransomware attacks in particular had increased.
Business operations have already suffered due to the vulnerability. 89% of financial services stated that their organisation had experienced downtime in the last 12 months, not least because, on average, financial services were the victims of 3.22 ransomware attacks which caused disruption and downtime to their businesses – this is 32% higher than the average across all sectors.
“While the pressures that Covid-led digital transformation put on IT departments weren’t unique to the financial services sector, its position as a highly attractive target to hackers may have meant that the industry has felt them more acutely,” David continues. “With hackers beating at the door, and limited resources to push them back, it can feel like the IT team is between a rock and a hard place. But canny IT leaders are finding a third way: partnering with data protection providers that can minimise the admin burden of data protection through simplified tools that lever AI and machine learning. Taking this approach can help financial organisations to accelerate their security rollouts and stop their protection infrastructure lagging behind their digital transformation.”