The past few years have seen the introduction of many new laws aimed at protecting people’s privacy. However, it seems as if the financial services industry is still struggling to comply with them.
New research from IT company Tanium shows that over 90% of financial firms still have huge gaps in their compliance infrastructure despite having spent on average £79m per company to ensure they follow the laws.
The global study of 750 IT decision makers showed that these companies still struggle to follow privacy laws like the EU’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and other data privacy regulations over the past 12 months alone.
Of the people polled, 81% said their organisations had hired new talent, 83% had invested in workforce training and 77% had introduced new software or services to ensure continued compliance.
However, 30% of financial services organisations feel unprepared to deal with the evolving regulatory landscape due to a lack of resources such as people, money, processes.
“While it’s encouraging to see global businesses investing to stay on the right side of data privacy regulations, our research suggests that their good work could be undermined by inattention to basic IT principles,” said Chris Hodson, chief information security officer at Tanium. “Many organisations seem to have fallen into the trap of thinking that spending a considerable amount of money on GDPR and CCPA is enough to ensure compliance. Yet without true visibility and control of their IT assets, they’re leaving a backdoor open to malicious actors.
“Technology leaders need to focus on the fundamentals of unified endpoint security and management to drive rapid incident response and improved decision making. The first step must be gaining real-time visibility of these endpoints, which is a crucial prerequisite to improved IT hygiene, effective risk management, and regulatory compliance.”
Copyright © 2018 RegTech Analyst