Security conscious financial services firms still not fully addressing IT risks

Financial services firms are more likely to take security precautions to protect their IT systems and devices than other sectors, according to a study by Aon Risk Solutions.

The survey found that financial services report the highest level of laptop encryption, with 52.4% claiming all data on corporate laptops is encrypted.

Despite taking these precautions, however, the study claims cyber risk is still not a board level priority in the financial services sector. The survey revealed that only 35% of companies were reporting on cyber risk to their boards during the normal course of business.

“One way to interpret this is that this percentage (of firms) relegate cyber risk to being 'an IT issue' and therefore are not actively engaging in this business-critical risk from a senior management level,”  said Sarah Stephens, European head of cyber and commercial errors and omissions insurance at Aon Risk Solutions.

“We find that banks and other financial institutions have not yet fully baked cyber risk into their operation risk processes,” she added.

Stephens said that, while there is a greater emphasis on cyber attack prevention in the financial services sector, some organisations still needed to identify their potential weaknesses and find ways to eliminate or mitigate against those issues.