Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Over half of global financial firms have no accurate record of where customer and employee data is collected, transmitted or stored, according to new research from consultancy PricewaterhouseCoopers (PwC).In addition, 51 per cent of financial services providers said that they do not mandate third parties to adhere to their own privacy policies.Although 81 per cent of respondents to the PwC survey said they are 'somewhat' or 'very' confident in their own or their partners' information security procedures, only 45 per cent carry out due diligence on third parties that handle sensitive customer and employee data."Financial services firms have been leaders in privacy and security, but their policies and capabilities are being outstripped by changes in technology and business practices," said Sergio Pedro, managing director of PwC."Firms must address customer demand, competitive pressure and stringent, ever-changing regulatory requirements by developing comprehensive, integrated privacy and data protection programmes."The research also found that many financial firms focus too much on protecting customer data, neglecting to adequately secure employee records.Encryption has also been neglected by many of the companies. Some 41 per cent do not encrypt data stored in databases, 52 per cent do not encrypt file shares, 43 per cent do not encrypt backup tapes, and 33 per cent do not deploy laptop encryption.PwC urged firms to implement a written plan to monitor, respond to and remediate incidents where there is a potential risk of a data breach, and to contractually oblige third parties to protect sensitive data.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.