Financial services companies over confident about protecting data

Financial services business tend to be attacked more than those in any other sector, but a new study finds that 75 percent of respondents in this industry are over confident in their data management practices.

A worrying 24 percent of respondents to Integris Software's 2019 FinServ Data Privacy Maturity Study only update their personal data inventory once a year. Even more concerning, 13 percent only inventory sensitive data when audited or in response to regulation requests.

The financial services industry spends the most on data privacy management and is increasing data privacy budgets. In fact, nearly all organizations (92 percent) have a dedicated data privacy management budget, while 28 percent are spending more than $5 million per year, nearly double what healthcare spends at this level.

The finance industry also has the largest internal data privacy teams with 40 percent having 50 or more people (only 17 percent of healthcare businesses have privacy teams this size).

The data landscape is complex though, a single bank transaction can be replicated across 100 systems making it virtually impossible to manually monitor personal information as it travels throughout an organization. The finance industry must also search more locations to find sensitive customer data than any other sector, with 20 percent of respondents needing to search 200 sources to find all data and 64 percent needing to search 50 or more sources to find all data on a customer.

Also more than 45 percent have at least 50 data sharing agreements in place, which is the highest of all industries.

"To help alleviate frequent issues, the financial services industry is starting to use more automated data privacy management tools to increase real-time visibility, comply with regulations and meet data subject requests (DSRs) to furnish or delete personal information," says Integris Software CEO Kristina Bergman. "For example, organizations that take real-time inventory could immediately tell which customer data had been breached – 89 percent vs. 59 percent who didn’t have real-time data discovery and classification tools. Our survey results underscore why it's increasingly important for organizations to automate their data privacy management programs to handle the growing volume of private data and meet stringent compliance requirements."

The full study is available on the Integris site.

Image credit: jamesgroup/depositphotos.com