, data protection
With the rising cost of data breaches and the rising volume of attacks, cyber security was one of the highest profile issues facing businesses in 2015. Cyber attacks are currently believed to cost business anywhere between $400-500bn a year and show little sign of abating.
In 2015, cases such as TalkTalk demonstrated not only the considerable reputational damage that firms may suffer through breaches but, moreover, the relative nebulousness of the legal framework surrounding the protection of customer data. Firms therefore face not only a technical challenge in maintaining security, and keeping one step ahead (or at least not dropping one step behind) of attackers, they also face a compliance challenge in assuring regulators that they are doing everything expected of them.
The financial sector
For regulated firms in the financial sector, the issue is particularly pressing. The Financial Conduct Authority (FCA) has made it clear that cyber security is one of the main risks facing the firms it regulates and this is not surprising given the type of sensitive customer data they hold. Firms in the financial sector have been squarely in the firing line of would be (and successful) hackers, reportedly being attacked 300 times more frequently than businesses in other sectors. Indeed, Control Risks recently reported that the finance sector was the second most popular target of attacks in 2015, after the government.
The response of the sector has been to throw considerable funds at the issue. It was reported recently that J.P. Morgan, Bank of America, Citibank and Wells Fargo dedicated a combined $1.5bn this year on security measures against cyber criminals. Meanwhile, demand for cyber security professionals has surged to record levels, with companies’ priorities reportedly shifting from mere prevention towards detection and response.
What about 2016?
The “arms race” nature of cyber security suggests that this trend will continue… and while breaches at larger organisations have made the headlines this year, the likelihood is that cyber criminals may increasingly direct their focus towards smaller firms as larger organisations continue to beef up their defences. The issue therefore looks set to continue to dominate risk agendas in the coming year.
To stay updated on the latest developments in governance,risk and compliance, anti money laundering and financial crime prevention, please follow us on either LinkedIn, Facebook and Twitter where you are guaranteed to be notified when our next blog post goes live!
If you're interested in an ICA qualification more information can be found on our ICA certificates and diplomas page. Alternatively, please call +44(0)121 362 7506 and we’ll happily talk you through your study options.