QUESTION
Much has been in the
news recently of very large companies experiencing failures of their
Information Technology infrastructure to prevent access to private, secure
data. Breaches in security have compromised very large companies like Sony,
Target and Home Depot.
As a small financial
company, should I still be concerned?
ANSWER
The simple
answer is “Yes!”
Compliance and security
issues keep financial industry IT professionals up at night. And for good
reason. Security breaches and instances of non-compliance can lead to fines, a
loss of customer confidence and even criminal charges in extreme cases of
negligence. The problem is that maintaining compliance and ensuring data
protection is both time consuming and complicated.
Since the financial crisis,
regulators have increased requirements and scrutiny of financial institutions
for maintaining compliance. At the same time, every financial services
organization needs to be aggressive about increasing and improving their
services in order to remain competitive and attract new customers.
IT departments within financial
organizations are facing unprecedented change:
- Companies now face competition on a global scale with nanosecond transactions
- Customer applications are on 24x7 and outages are unacceptable
- Security threats have become the #1 IT issue
- Company reputation / brands threats – the Ponemon Institute reported in September 2014 that 43% of companies experienced a data breach in the past year
- Cloud, Big Data, Mobility & Security require additional investments in order to compete
- IT budgets continue to be constrained and/or are shrinking
There are also market challenges financial companies must deal with:
- 24 x 7 Infrastructure (always on)
- Cost of down time is ever increasing
- Cybercrime is rampant
- New data privacy laws
Kevin Origoni
Director/IT and Information Security
Lenders Compliance Group