Why information security certification matters
There has never been a more crucial time to focus on data security. Cyber crime is becoming increasingly prevalent, and the stakes are high for any organisation routinely handling client data.
So, what role do industry standards and accreditations play in securing organisations and client data solutions?
In March 2022, the Financial Conduct Authority (FCA) stated that firms must have made the necessary investments to ‘operate consistently’ within their impact tolerances by no later than March 2025.
The Prudential Regulation Authority (PRA) also called on managers to ask themselves fundamental questions: how will we identify and protect critical assets? And how will we detect and respond to incidents that arise?
According to research conducted by HSBC, it takes two years on average for an organisation’s trust with investors to recover following a cyber incident. Furthermore, the share price of affected companies underperformed by an average of 15.6% in the three years afterwards, with financial companies tending to fare worse than other sectors.
It is no secret that large data breaches cost money, disrupt day-to-day business and tarnish clients’ trust in an organisation.
For example, the asset and wealth management division of Morgan Stanley has been hit by several data breaches, from external cyber attacks to leaked customer banking and login credentials. Similarly, development finance institution Norfund suffered a series of data breaches in 2020, with a mixture of manipulated data and falsified information leading to fraudsters making off with $10 million.