Advertisement
Promo

Security threats Toolkit

Data Breaches

FSA warns banks: Shape up on security

Julian Goldsmith silicon.com

Published: 28 Apr 2008 08:56 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

The Financial Services Authority has warned the banking industry to shape up their attitudes to securing sensitive data and customer information.

Following an audit of 39 banks, building societies, insurance companies and financial advisors, the FSA called on financial services firms to adopt a more transparent stance towards customers, rather than fearing adverse media coverage when data breaches occur.

As a result of the audit, one firm has been referred to enforcement.

Instances of bad security practice found in the audit included a lack of due diligence in checking third-party suppliers vet their employees or have adequate security arrangements; too much emphasis on IT controls at the expense of staff awareness and training; and in some areas, an over reliance on compliance consultants who did not understand the importance of data security.

One of the recommendations the FSA made as a result of the audit was that finance firms should appoint a senior manager with overall responsibility for data security.

Watch this

Security body: Compliance burden will increase
Video Story Video Control Panel

Speaking at the FSA annual conference on financial crime, FSA director, financial crime and intelligence division Philip Robinson said: "It is worrying that despite increased public awareness of the impact that identity theft can have on customers, many firms are still not taking this risk seriously. Some firms have made progress by adopting good practice, while others need to do more in the area… we expect the industry to raise its standards. We will follow up on this [audit] with firms and will not hesitate to take action if future breaches are found."

The FSA audit is in conflict with another survey conducted by BT and YouGov on staff awareness about what to do when things go wrong. This report found staff in financial sector companies were 27 percentage points more likely to have a high awareness of their company's business-continuity strategy than the cross-industry average.

BT Global Services finance industry sector managing director Andy Nicholson said in a statement: "With an ever-increasing regulatory environment, operational risk and business continuity planning must extend to every employee, business process and ICT asset."

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON
Data Breaches

Did you find this article useful?


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More in this Special Report

The top five internal security threats

The top five internal security threats

It's widely known that internal staff are the biggest threat to IT security, but what specifically should an employer watch out for? more

Keeping mobile data from going walkabout

Keeping mobile data from going walkabout

Mobile email is no longer the preserve of upper management but providing access to company information on the go has its risks more

Lib Dems call for data guardians

Lib Dems call for data guardians

The Liberal Democrats are seeking the introduction of data guardians into the public and private sector, to protect citizens' information rights more

Worker suspended over loss of prisoner data

Worker suspended over loss of prisoner data

An employee at Home Office contractor PA Consulting has been suspended after the loss of a memory stick holding the unencrypted details of every prisoner in England and Wales more

Ministry of Justice reports nine data breaches

Ministry of Justice reports nine data breaches

The ministry reported the data breaches, affecting around 45,000 people, to the Information Commissioner's Office in the last financial year more

Foreign Office reports five data breaches since 2007

Foreign Office reports five data breaches since 2007

The data breaches at the Foreign and Commonwealth Office are thought to have affected less than 188 people in total more

ICO: Gov't ignoring data-sharing hazards

ICO: Gov't ignoring data-sharing hazards

The government is blindly pursuing data-sharing plans without heeding the potential pitfalls, information commissioner Richard Thomas has claimed more

Lords presses government for data-breach law

Lords presses government for data-breach law

The House of Lords has again urged the government to introduce a data-breach notification law, adding that banks should be liable for e-fraud losses more

Video: Get the most out of your data

Video: Get the most out of your data

How do companies deal with information management? Jonathan Steel, CEO of tech-research firm The Bathwick Group, gives insights based on a recent ZDNet.co.uk benchmark survey more

Justice minister urges overhaul of gov't data handling

Justice minister urges overhaul of gov't data handling

Michael Wills has called for the government to handle data transactions as carefully as financial transactions more

MoD announces data-protection action plan

MoD announces data-protection action plan

The ministry has published a plan of how it intends to meet 51 data-policy recommendations made as part of review into the loss of MoD laptops more

Systemic failure blamed for HMRC data loss

Systemic failure blamed for HMRC data loss

Two reports have found the loss by HMRC of 25 million child-benefit claimant details was 'entirely avoidable' more

Featured Oracle Resources

Human Resources Management eBook

Supply Chain Management eBook

Design and Innovation Report

Economist Intelligence Unit Report - Technology and growth at mid-sized companies

See All White Papers

Company/Topic Alerts

Create a new alert from the list below:





Related BlackBerry Resources

Human Resources Management eBook

Supply Chain Management eBook

Design and Innovation Report

Economist Intelligence Unit Report - Technology and growth at mid-sized companies

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Beware of keeping your head in the clo...

Information security professionals can look forward to a deepening appreciation for their skills as security continues to be recognised as an essential element for doing business in... More

1 comment

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters