WMA JOURNAL Issue 4 Autumn 2015
In this issue
Defence against Cybercrime The changing face of research 25 facts celebrating 25 years of the WMA Industry Statistics The importance of implementing a robust policy management programme
Issue 4 Autumn 2015
1
Liz Field, CEO Of The WMA, Warns That Employees And Clients Are The True Priority For Defence Against Cybercrime Liz Field CEO, Wealth Management Association
W
ith the headlines dominated by constant high profile attacks, cybercrime has become an increasingly pressing issue for individuals and businesses alike. Wealth management firms are also at risk because of the large amounts of personal and financial information they hold for their clients.
6
@WMA_UK
In fact, wealth managers and other companies in the financial services sector are more than twice as likely to be attacked than those in other industries. Thirty nine per cent of companies in the financial services sector suffered cyber attacks in 2014, compared to just 17 in other sectors, according to research from analysts PwC [1].
The industry has responded to the threat with increased investment – 38 per cent told PwC they are boosting spending on cyber protection this year [2]. This is a good start and investment must continue, but the WMA believes firms must also ensure both their staff and their clients are aware of the risks.
WMA Journal
Wealth management firms are an attractive target for cyber criminals because they hold a large and varied amount of personal information about their clients. Extremely sensitive data including bank account details, addresses, risk appetites and family information must be kept on file as standard, making every firm a potential source for criminals looking to access financial information and commit identity fraud. While it is encouraging that so many firms are investing in more cyber security measures, this is meaningless if the human side of the business does not keep up. Spending a fortune on state-of-the-art security without investing in knowledge is akin to installing a bank vault and leaving the back door open. We have seen our members increasingly implementing new cyber-security measures including encryption, coding and the use of complex passwords. Nonetheless,
research from IT trade association CompTIA has found that human error is the cause of 52 per cent of all security breaches [3]. Cybercrime has become increasingly lucrative as more data is created and stored, with the current amount of global data expected to increase 50 times over by 2020 [4]. Attacks are believed to cost the global economy more than half a billion dollars every year, with GCHQ estimating that eight out of ten leading British firms have suffered serious attacks. The truth is that every employee of a wealth management firm is a potential security gap, and just one person not following procedure is enough to let hackers into the organisation. All firms should hold regular training programmes to educate employees about the risk posed by cybercrime, both at work and at home.
Social media is an especially big blind spot for many organisations, with employees being unaware of how easy it is to inadvertently leak sensitive information, or the danger posed to their firm and its clients if they are hacked themselves. It is vital to constantly review and tighten procedures and protocols, as well as investigate new lines of defence, especially as firms increasingly digitise their offerings. Clients must also be brought up to speed on the risks facing their wealth and coached on taking steps to protect themselves. The WMA is facilitating the sharing of safe practice information and awareness of cyber threats in order to help its member firms better cope with the threat of cybercrime. The association is working closely with experts in the field and with the National Crime Agency (NCA) to provide events and reference materials for its member firms this year.
[1] https://www.pwc.com/en_GX/gx/financial-services/publications/assets/pwc-gecs-2014-threats-to-the-financial-services-sector.pdf [2] http://www.pwc.co.uk/financial-services/issues/financial-services-firms-plan-to-increase-cyber-spending-cbi-pwc.jhtml [3] http://www.cbsnews.com/news/the-human-element-and-computer-security/ [4] http://e27.co/worlds-data-volume-to-grow-40-per-year-50-times-by-2020-aureus-20150115-2/
Issue 4 Autumn 2015
7
Report designed by Cicero No responsibility for loss to any person acting or refraining from acting as a result of any material contained in this publication can be accepted by the WMA, the author, publisher or printer. The views expressed by individual contributors are not necessarily those of the Association. Company limited by guarantee. Registered in England and Wales. No 2991400. VAT registration 675 1363 26. Published for the WMA by WordWide London. Copyright WMA 2014.
22 City Road Finsbury Square London EC1Y 2AJ Tel: +44 (0)20 7448 7100 Fax: +44 (0)20 7638 4636 www.thewma.co.uk Twitter: @wma_uk Members: enquiries@thewma.co.uk Non-members: info@thewma.co.uk
Issue 4 Autumn 2015
23