by Rob Pooley

Solutions Director

Connect with Rob Pooley on Linkedin Connect with Rob Pooley on Linkedin

2021 State of Financial Services Data Risk

The market leaders in Data Risk Management, Varonis, have released their fourth annual Global Data Risk Report.
There’s some interesting findings!

 

The Financial Services Data Risk Report

2021 Data Risk Report by VaronisThis year, for the first time, vertical specific reports have been generated.  The Financial Services report focuses on the data security of banking, insurance and investment firms and was compiled using data analysis of over 4 billion files.  You can download a copy of the report here…

 

On average, a financial services employee has access to nearly 11 million files the day they walk in the door.

That’s access to 13% of the company’s total files. Put into perspective, employees in the smallest financial services firms have unrestricted freedom to view, copy, move, change and delete data for over half a million files. In the largest firms it’s 20 million files!

The challenges of 2020 forced many companies to abruptly step into the cloud using tools like Microsoft Teams without proper cybersecurity preparedness, inadvertently increasing their attack surface as employees logged in through unsecured networks and home computers. Data risk therefore increased, exponentially so in companies with gaps like passwords that never expire and with folders containing sensitive data open to every employee. Mobilising without proper security controls has increased the risk posed by insiders, malware, and ransomware attacks, and exposes companies to possible non-compliance with regulations such as SOX, GDPR, CCPA, and PCI.

 

  • 20% of financial sector files contain some form of ‘sensitive’ data.
  • 70% of all sensitive data is stale.
  • 64% of financial services companies have 1,000+ sensitive files open to every employee.

 

By gaining visibility into who has access to what data in your environment, knowing when data was last accessed and classifying all sensitive data, it’s possible to purge data that’s no longer needed and apply sensible controls that remove access privileges to sensitive data you need to retain. This significantly reduces data risk and demonstrates best practice in the eyes of data privacy and security regulators.

 

Free Data Risk Assessment

In conjunction with Varonis, Saepio can offer an initial free of charge assessment to gain visibility into the extent of your data risk. The tailored report will give you remediation guidance.
Just contact us to learn more about the process.