Despite FIs increasing their annual spending on cybersecurity to $600 million, trust in financial institutions still remains relatively low around the world. This is according to new research conducted by Utimaco, which surveyed consumers across various countries including the United States, Mexico, Germany, and the UK. The research revealed that just 13% of people trust FIs completely, while 5% don’t trust them at all. The majority of people indicate that they only have ‘some’ trust in FIs’ digital security. The survey also found that cash remains the most trusted payment option, believed to be secure by 36% of people, while only 12% of respondents believe credit and debit cards are secure.
The lack of trust in digital security has a direct impact on FIs’ bottom line. Many consumers resort to using cash due to trust concerns, which can be problematic for FIs as processing fees from individual card transactions make up a significant portion of their revenue. Furthermore, this lack of trust poses an issue for companies looking to expand their capabilities and services, as consumers in the survey had the lowest levels of trust in cryptocurrency, with only 2% worldwide citing it as secure.
With customer trust playing a crucial role in whether new payment methods achieve mass adoption, FIs are facing challenges in fostering a sense of security for their digital offerings. This is further compounded by the fact that open banking is not more widely adopted, with trust being a significant factor.
Utimaco CEO, Stefan Auerbach, stresses that traditional cybersecurity systems are not enough in today’s tech landscape, as hackers can gain full access to a company if they breach the system. A new security framework called zero-trust is seen as a potential solution. The zero-trust framework uses robust access controls and continuous authentication mechanisms to ensure that sensitive financial systems and data are only accessed by authorized entities. This includes user identity verification through multifactor authentication (MFA) and the least privilege principle, which restricts user access only to the resources required for completing tasks. Auerbach highlights that zero-trust is more formidable against modern threats, from account takeover to sophisticated malware attacks.
The zero-trust approach can be implemented by FIs to mitigate data breaches, safeguard customer financial information, and uphold regulatory compliance standards such as PCI DSS and GDPR. The segmentation strategy breaks the network into distinct zones, and each segment can be isolated and fortified to prevent specific threats, leveraging firewalls, intrusion detection systems, and encryption to bolster these barriers. However, there are some costs and drawbacks associated with implementing zero-trust, particularly for FIs still using legacy systems.
Auerbach outlines steps for creating a successful zero-trust environment in a financial services company, including defining the perimeter, microsegmentation, continual device monitoring, data inventory categorization, and the implementation of security controls. He emphasizes that organizations best placed to deploy a zero-trust environment usually have the experience of a partner that has been building and integrating these systems for over 40 years.
About author Stefan Auerbach, CEO, Utimaco, has a background of over 30 years in R&D, Service, Marketing, and Management of Global Sales Organizations for Information Technology and Mobile Security. He started his career in Nixdorf Computer, held several key management positions in Siemens Nixdorf, and was a long-term Board Member in Wincor Nixdorf and Giesecke & Devrient.
Utimaco is a global platform provider of trusted Cybersecurity and Compliance solutions and services with headquarters in Aachen, Germany, and Campbell, CA, USA. The company develops on-premises and cloud-based hardware security modules, solutions for key management, data protection, and identity management, as well as data intelligence solutions for regulated critical infrastructures and public warning systems. With over 550 employees around the globe, Utimaco creates innovative solutions and services to protect data, identities, and communication networks with responsibility for global customers and citizens from various industries. Customers and partners value the reliability and long-term investment security of Utimaco’s high-security products and solutions.