However, not all crime is conducted directly online. Some people are tricked into giving away details over the phone or are told to use their banking app to transfer money into a safe account. This multi-channel approach means that at every touchpoint, an organization must be aware that their customers could be at risk; they need to put systems and processes in place to mitigate cybercrime.
According to a report by McAfee, the European economy is one of the worst affected areas in the world. The statistics suggest that 0.84% of Europe's GDP is affected. Looking at the UK specifically, it is estimated that the cost of cyber-crime to the UK economy is £27bn – and it is growing.
One of the latest and most high-profile risks that have come to people's attention over the past 18 months are customer data breaches. Customers are increasingly aware that organizations hold a lot of their personal data and they want to be sure that it is safe. The General Data Protection Regulation was brought into place to ensure that organizations are acting responsibly when it comes to processing and storing customer data.
The financial impact of not following these guidelines, or for not having the correct systems in place, has been significant. Just months after the new regulation came into place, British Airways were one of the first companies to fall foul when 500,000 pieces of customer data were stolen, which resulted in them receiving a £183m fine.
Before any cyber-crime has taken place, there is a significant cost to businesses that need to purchase software, implement new processes and training, and even employ new cybersecurity teams to deal with threats. For global organizations, there may also be a need to hire consultants to advise on what they need to do to keep themselves and their customers safe.
One of the consequences of cybercrime that will affect every business is the direct costs. This could be money lost by the business or by consumers. It could also be the loss of reputation to a brand. If a bank suffers a cyberattack and customers lose money, they are likely to lose confidence, which can have a huge knock-on impact on business performance and profits.
Following on from an attack, there may also be payments that need to be made. On top of losing money in an attack a business, may also need to pay out compensation, fines, and legal costs. Depending on the type and severity of the attack and the data that was lost, this can amount to millions of pounds, as demonstrated by the British Airways case.
While the sheer number of credentials exposed in these leaks are astounding, it’s not surprising, as it only added to the billion plus passwords we already knew were floating around on the dark web. Below Andrew Shikiar, chief marketing officer of the FIDO Alliance, explains why the classic password is on the down.
What is surprising is the continued reliance of traditional username/password authentication, despite knowing it is easily breached and susceptible for compromise via credential stuffing attacks.
The problem of authentication has indeed risen to the forefront in recent years as a vast majority of publicised high-profile data breaches have been traced back to weak and shared credentials; usually a username and password combination stored in easily exposed, central databases that hackers can easily infiltrate. Even among IT professionals, who should lead the way when it comes to secure authentication, 69 percent share passwords with colleagues, and over half reuse an average of five passwords across business and personal accounts, according to a recent survey. With nearly 50% of shopping cart abandonment being due to password issues (per a Visa study) and a large proportion of costly IT support calls within enterprises related to passwords, weak authentication is also becoming an economic burden for many businesses.
The good news is that the tide is turning. Rather than encouraging users to change all of their online passwords – which more often than not results in easy-to-remember passwords being recycled across different accounts – website and app developers can now look to new web standards from FIDO Alliance and W3C for strong authentication that will enhance security while improving the user experience. As service providers start to turn on these capabilities, we’ll begin to see an accelerating shift away from passwords – which in time will consign credential leaks such as Collection #1-5 to history.
Mobile devices, PCs and web browsers are now shipping with the capabilities for strong authentication – combining cryptographic protection of user authentication credentials, which can’t be phished and in fact needn’t ever leave the user’s device, with a low-friction user. By building applications and websites that support new web standards for strong cryptographic authentication, developers can now leverage these authentication mechanisms that are literally already in their users’ hands — from fingerprint, iris, face or voice recognition in PCs and mobile devices to portable hardware security keys — to improve security for their businesses and their users.
As 2019 progresses we are surely going to see biometrics and other embedded authentication sources continue to contribute to an enhanced customer experience. The new version of 3D Secure, for example, will be optimised for mobile devices and enable the implementation of secure biometric user verification. Biometrics are likely to impact the financial services industry as well, given their potential to enhance organisational and consumer demand for transaction convenience, while ensuring compliance with regulations such as the Second Payment Services Directive (PSD2)
While this development is welcomed, the industry needs to continue to commit to creating and implementing technical standards and established best practices, which can also inform emerging government regulation around this technology. Organisations may not be able to eliminate all passwords immediately, but 2019 should be the year that dependency on them begins to decline, as companies look to improve processes and aim to eliminate the burden of managing them -- setting the stage for broader enablement of password-free online experiences as we head into the next decade.
Widespread confusion about cancer symptoms among employees could be leading to delayed diagnoses and irregular self-examinations according to new research by Bupa UK.
One in two people in the UK will be diagnosed with cancer in their lifetime, however 53% of employees in the financial services sector are confused about what to check for when it comes to common cancers such as skin, bowel or lung.
The study found over half (56%) also say it is hard to remember the warning signs or physical changes they should look for. As a result, a third (32%) of employees have never checked themselves.
This confusion is one of the significant factors that could delay diagnosis. One in five (19%) employees said they have delayed seeking medical advice about a symptom as they “didn’t realise what to look for”. But for a fifth of these people (4%), this symptom was later diagnosed as cancerous.
Additionally, a third (35%) of those across the financial services sector would worry about taking time off from work to have a symptom checked.
Being able to recognise if something is wrong is important for improving survival rates, which is why Bupa has created a simple Cancer Check-CUP guide, which can be incorporated into health and wellbeing guidance for employees.
If someone experiences all three signs they should get medical advice.
Is something about your body different or unusual? Is something new, or does something feel ‘wrong’ to you? Trust yourself to know what is right and wrong and seek help.
Can you pinpoint why something has changed, why you are feeling physically unwell? If not, it is worth further investigation.
Have you been experiencing this or feeling unwell for longer than two weeks? Watch out for the symptoms that you can’t shake off.
Creating a culture where people feel comfortable discussing health challenges at work can help ensure that employees receive the support they need, but the research also highlights that for nearly half (46%), cancer isn’t talked about in their workplace.
The financial services industry must “unite and fight” against a no-deal Brexit that potentially erodes clients’ rights and damages the financial sector itself.
This warning from deVere Group founder and CEO, Nigel Green, comes as the UK's International Trade Secretary, Liam Fox, said that Britain should accept a ‘no-deal’ scenario, instead of requesting more negotiating time.
It also follows MPs being told earlier this week by the Association of British Insurers that it could be “illegal” to pay private pensions to British expats if the UK crashes out of the EU with no deal.
In addition, the City of London is claiming that Brexit will cost Britain up to 12,000 financial services jobs in the short-term, with many more potentially disappearing in the longer term.
Mr Green says: “Now is the time for the financial services industry to unite and fight against a no-deal Brexit that potentially erodes clients’ rights, protections and freedoms. It must also stand against it potentially damaging the financial sector itself.”
He continues: “It is an outrage that if the UK crashes out of the EU, and free movement of capital stops because there is no agreement in place, people could stop receiving their hard-earned retirement income, saved over many years, simply because they have chosen to live outside the UK, which they are perfectly entitled to do.
“As an industry we need to step up, lobby the policymakers, and ensure clients are secure on this issue, amongst others. We need politicians to guarantee their rights, choices and safeguards as a matter of urgency.”
Mr Green goes on to say: “This latest warning, and the ongoing uncertainty, is likely to trigger even more people who are eligible to do so to consider moving their British pensions out of the UK into HMRC-recognised pensions while they still can.
“Many will be seeking to safeguard their retirement funds by transferring them into a secure, regulated, English-speaking jurisdiction outside the UK.”
The deVere CEO adds: “The financial sector also needs to make its own voice heard.
“The industry needs continuity and certainty. What it does not need is the chaos and the expense of a no-deal Brexit.
“A no-deal scenario will likely mean a reduction of the services and products that we are able to offer clients, as well as increased costs for businesses and, ultimately, the client.
“Therefore, we must actively engage with politicians – who largely seem only to have their own political agenda at heart - to prevent this from happening.”
(Source: deVere Group)