There are few areas of working in data that require more attention than data management, particularly when it comes to sensitive financial information about customers. Despite this, nearly six in ten UK financial services organisations are at risk of data breaches due to poor data management, according to their senior executives.
These findings come following research from data and analytics strategy consultancy Cynozure alongside the release of the Bank of England’s annual Systemic Risk Survey – a biannual survey that quantifies and tracks market participants’ views of risks to, and their confidence in, the stability of the UK financial system.
Inherent dangers
The results show that cyber-attacks are the most prevalent risk cited by respondents, with 28% of all cyber-attacks in the UK in the last year targeting financial institutions. The second and third risks most highlighted by respondents were inflation and geopolitical instabilities.
A major compounding factor in increasing these risks is that many financial institutions simply do not understand data at a basic level. This makes them more vulnerable to attacks around how data is used, stored, managed and implemented. Of the respondents, 21% said they do not know where data is held in the organisation, 35% believe the data world is too difficult and complex to understand and 31% agreed that there is a lack of data literacy in the business.
It has been discussed by DataIQ members that the language used by data professionals needs to be accessible and simplified for those that do not utilise data daily. This is particularly true for highlighting the risks that can arise with poor data management. How many people outside of the the-based teams know what a DDoS or ATO attack is? According to some calculations, more than 50% of all traffic to sites in the financial services industry comes from bots, and they experience the highest share of account takeover attacks at 38%.
What can be done?
The first line of defence for financial institutions must be education about the importance of data, and this is achieved through data literacy. The new DataIQ assessment tool indicator is a good starting point to understand the level of data literacy within an organisation. DataIQ members can also use the DataIQ literacy programme. Once problem areas have been identified, it is much easier to implement a suitable data literacy campaign that can target weak points within a business.
Secondly, a comprehensive data strategy needs to be put in place alongside rigorous data governance policies. Once these have been integrated into the day-to-day operations of the business, it will become simpler to spot dangers whilst rapidly improving organisational compliance.
Staff members need to be made aware of who is responsible for data management, why data quality and compliance are necessary and actions that can be taken to reduce human error. With these frameworks in place, the chance of data breaches diminishes rapidly.
Plan ahead
The other major action that needs to be taken by financial institutions – and any form of data-heavy business – is to ensure there is a crisis management plan in place. This can be achieved by examining past breaches that have happened at similar businesses, identifying scenarios where a breach may occur and calculating the likelihood of breaches happening in different areas of the business.
There is no simple answer that can be utilised by all businesses, it will require individual approaches as each business is unique in the way that it collects, stores and uses data. The leak of data can be damaging economically, operationally and reputationally so it is in all interests to ensure that precautions are taken to minimise the chances of data breaches happening, particularly for financial institutions where data can be personally identifiable.
To highlight the developments in data literacy and data quality you and your team have made, submit an entry to the DataIQ Awards. A free-to-attend award submission masterclass is available to join.
Thank you for your input
Thank you for your feedback
DataIQ is a trading name of IQ Data Group Limited
10 York Road, London, SE1 7ND
Phone: +44 020 3821 5665
Registered in England: 9900834
Copyright © IQ Data Group Limited 2024