Data Privacy: Financial Institutions Try to Keep Data Breaches Down in 2007
As the value of customer data rises for both financial institutions and criminals, so too does its vulnerability. Hackers, dishonest employees, careless customers and technical glitches continue to expose sensitive information, making customers uneasy.Why It's Important: Being branded with the scarlet letter that often follows a data breach incident is a public relations nightmare for financial institutions. Damage to customer relationships often is irreparable in the event of data loss, particularly in the financial services industry. The largest part of the average $182-per-record loss resulting from data breaches is the lost-customer opportunity cost, which Ponemon Institute values at $98 per record. While these numbers represent a cross-industry study, the churn rate for the financial services industry -- the number of customers taking their business elsewhere in the event of a publicized breach -- tends to be higher than other verticals.
Where the Industry Is Now: There were multiple high-profile data breaches in 2006, and financial services firms were not spared. Notable firms in the news for data exposure included Fidelity Investments (196,000 records compromised), ING U.S. Financial Services (21,500 records), Bisys Group (61,000 records) and Nationwide Retirement Solutions (38,443 records), according to the Privacy Rights Clearinghouse. In addition, online brokerages E*Trade Financial and TD Ameritrade reported fraud losses totaling $22 million resulting from a market manipulation scheme executed via hacked accounts.
Focus in 2007: In addition to curbing the number of data breach events, information security professionals are keeping an eye trained to the size of data breaches. Concern is mounting that a major data loss, such as the May 2006 Department of Veteran's Affairs loss of 28.6 million records, will result in a knee-jerk attempt by lawmakers to protect consumers. While new legislation appears likely, industry anxiety is mounting that it will come in the form of possibly misguided federal regulation. Several bills with heavyweight political backers sit in the House of Representatives and the Senate, and industry observers agree that the shift of power back to the Democratic party in Congress should expedite the passing of legislation, perhaps as soon as this year.
Industry Leaders: Despite recent breaches, the online brokerage community has, by necessity, led the way in protecting customer data. Maintaining the integrity of the online channel is essential, as trust in e-commerce is the foundation of the discount brokerage business model. By developing user-friendly online security centers that feature best practices and security software, brokerages such as E*Trade, TD Ameritrade and Charles Schwab have transferred partial responsibility and power to customers. However, customer education efforts won't completely take hold until key players in the financial services industry organize a unified education program. Still, in most cases, financial firms continue to cover losses resulting from security-related breaches.
Technology Providers: Although technology is occasionally to blame for data exposure, the details of incidents repeatedly prove that the problem is, at its core, a people problem. While there are many providers of technologies that are deployed as part of a larger security infrastructure, there is no technological panacea. Still, most firms have a good grip on protecting themselves against malicious attacks -- it's the inadvertent failures, such as lost or stolen laptops, and customer carelessness that cause the biggest headaches.
The Price Tag: The total per-record cost of a data breach increased 30 percent in 2006, according to the Ponemon Institute. Criminals understand the value of customer data, and they're sure to develop more-sophisticated attacks to exploit it. As the threats to customer data mature, the incurred costs will continue to rise. While firms do not disclose the costs of customer education efforts, it is clear that the value of prevention efforts rises with each exposed customer record.
|
10 Critical Business Technology Issues for The Street
In 2007, firms will face the daunting full rollout of Reg NMS in the U.S. and the likely beginning of MiFID implementation in Europe while they continue to struggle with data privacy, OTC derivatives, a shortage of talent and the potential of Web 2.0, among other challenges.  more... |
|
Data Privacy: Financial Institutions Try to Keep Data Breaches Down in 2007
Several big-name data breaches made 2006 an ugly year for the securities industry, and security and privacy professionals are hoping to bring the problem to a halt this year.
In the Search of Liquidity: The Time Is Now
Now that Reg NMS is finally here, are firms ready to access 30 or more trading venues in their search for liquidity? After a year of investment in technology, firms need to demonstrate that their systems are up to the challenge.
The Buy Side Jumps on Board the Push to Automate OTC Derivatives
Now that traditional buy-side firms and hedge funds are increasingly investing in credit derivatives, the fastest-growing product in the OTC derivatives space, the industry is focusing on automating post-trade processes to reduce operational risk.
Firms Ready to Dive Into China's Financial Markets
The opening of the huge Chinese financial services sector to foreign-based institutions presents a gamut of opportunities -- whether in retail and corporate banking, investment banking or asset management -- for North American and European firms.
The Right Stuff: A Good IT Manager Is Hard to Find
It's going to be a good year to find a new job, as the shrinking talent pool has created a strong job market for IT workers with strong business acumen.
|
NYSE Requests a Four-Week Extension of the Reg NMS Deadline
Although it has been beaten to death by industry analysts and press, the importance of the changes to the U.S. securities industry spurred by Reg NMS cannot be overstated. The industry anxiously awaits full implementation of the regulation in 2007.
A Market Turned Upside Down
The European Union's Markets in Financial Instruments Directive (MiFID) is scheduled to go into effect in November 2007. Even U.S.-based firms will need to have a thorough strategic plan for compliance in order to stay competitive in the global markets.
Wealth Managers Turn to Unified Managed Accounts to Better Serve Wealthy Clients
Unified managed accounts and unified managed households are part of a growing trend to electronically aggregate a client's holdings in as close to real time as possible. The goal of such cross-product, cross-institution and cross-individual accounts is superior portfolio management, including tax optimization and risk mitigation.
Web 2.0 Enriches Applications and Services, Making Them More Compelling to Users
One of the hottest buzzwords of late, Web 2.0 refers to Rich Internet Applications (RIAs) that use the Internet as a platform to create interactive user interfaces that resemble PC-based applications. Typically, RIAs emphasize online collaboration among users.
Surging Electronic Trading Volumes and Reg NMS Require Financial Firms to Enhance Underlying Technology Infrastructures
Electronic trading is exploding and firms are rapidly expanding technology infrastructure to handle the increases in trade volumes and associated market data and messaging.
|
SPECIAL REPORT
SMS Messaging and Asynchronous Data/Voice Capabilities Will Shape 2007 Wireless Market
SMS and text messaging will take center stage for financial organizations that support wireless access for clients, reports Joseph Ferra, chief wireless officer at Boston-based Fidelity Investments. Those trends, combined with the introduction of asynchronous data and voice capabilities on phones, will drive increased wireless usage for financial transactions.
Putnam's 64-bit Architecture and Outsourcing Strategy Allows IT to Focus on Core Competencies
Boston-based Putnam Investments has leverage outsourcing of certain processes so business leaders and technology professionals can focus on projects that provide specific value to the business, according to Philippe Bibi, Putnam's CTO.
Web 2.0 and Data Privacy Will Define Financial Services in 2007, Says Steve Rapp, SVP & CIO, Nicholas Applegate.
The move to further protect client data and the maturation of Web 2.0 related businesses are two topics that will define financial services in 2007, according to Steve Rapp, senior vice president and CTO at San Diego-based Nicholas Applegate Capital Management.
Mellon Focused on Bank of New York Merger and new Private Wealth Management Platform
Mellon Private Wealth Management looking to take advantage of the Bank of New York's international reach all while launching a new platform that will transform the way wealth managers interact with ultra-high net worth clients' other advisors, according to Tim Tully, SVP & COO, Mellon Private Wealth Management.
Cross-Asset Algorithmic Trading Goes Mainstream, While Software As a Service Gains Traction
More buy-side firms will adopt cross-asset class algorithmic trading in 2007, while software as a service will again be en vogue, as the comfort level with the technology and Web 2.0 functionality help adoption rates, says David Dart, a former managing director and CIO Americas with a large German bank (as of Dec. 31, 2006).
|
less...
Tweet This