Despite handling personal details of millions of customers, 41pc of financial services companies across Europe have no plans in place to check the effectiveness of their information risk strategies, research from PwC and information management company Iron Mountain reveals.
Further to this, the research shows that 42pc did not monitor the performance of the individual or team responsible for data recovery, data protection, or information risk management.
Firms’ failure to check the effectiveness of their data protection and document management strategies is placing them at greater risk of threats such as data leaks or data breaches, and 22pc of financial businesses participating in the research said they ‘don’t know’ if they have suffered a data breach within the past three years.
Financial services firms that have experienced a data breach listed reputational damage and professional liability as the main consequences of a breach.
“Our information risk study reveals a worrying level of complacency across the financial services sector in Europe,” said Christian Toon, head of information security at Iron Mountain Europe.
“Interestingly, 45pc of those surveyed cited lack of knowledge as the main obstacle to implementing an effective data management strategy. It is time for organisations to make corporate information responsibility part of their operational DNA in the same way that many have done with corporate social responsibility.”
Data breach image via Shutterstock
