One distinguishing factor of successful businesses is how well they capture, maintain, access and interpret data. Why is it, then, that many businesses fail to adequately protect their data assets, and even more fail to provide for sufficient contingency should data become lost, damaged, corrupt or compromised? Data compromise remains one of the most prevalent challenges, and the one most feared by consumers.
The banking industry has been heavily regulated in terms of data management and, indeed, many banks have even set about trying to render certain data worthless if compromised. They’re relying less on static information and more on variable data that can only be derived, not read "in the clear." Multi-factor authentication, for example, is increasingly becoming the standard for accessing and changing personal and financial records, especially across remote channels such as the internet and telephony.
But there is still much to be done, as discussed at the recent FICO-hosted business continuity event, where over 30 professionals across a variety of industries explored the challenges that their businesses might face in this London Olympics year. The UK tripartite of HM Treasury, the Bank of England and the Financial Services Authority had set the tone in their Market Wide Exercise last year, where banks had to show how they would respond to a large-scale cyber threat impacting payment, account and customer record integrity. The results showed that most banks were unaware of how pervasive such an attack might be, and were unprepared for the full consequences.
There is no such thing as perfect data security and there has to be a balance drawn between practicality and exposure risk, between convenience and cost. But all banks should be focused on determining the relative value of data assets, adopting increased security in all data handling protocols, increasing resilience through secure replication and storage, and creating failsafe procedures in the event of real or threatened compromise.
