By Karen Wheeler, Vice President and Country Manager, Affinion UK
According to a new report by cybersecurity firm Norton, more than 17 million Brits fell victim to cybercrime in 2017, with hackers stealing an estimated total of £4.6bn from UK internet users specifically. It’s not exactly surprising, given that cyberattacks on both consumers and businesses dominate the headlines on a regular basis, with the most high-profile online fraud and data breaches causing disruption across the world.
Last year, the WannaCry ransomware infection became a global catastrophe and one of the largest data hacks in history, with the impact of the virus reported in 99 countries, including the UK, Spain, Russia and China. The attack saw hackers exploit a weakness in legacy Windows systems and hold businesses to a bitcoin ransom by encrypting data hosted by organisations who hadn’t applied Microsoft’s latest patches.
It came less than two months after payday lender Wonga revealed around 245,000 of its UK customers had been affected by a cyber attack in which hackers stole data including names, addresses, bank account numbers and sort codes.
With Ciaran Martin, the head of the National Cyber Security Centre recently warning a major cyber attack on the UK is a matter of “when, not if”,it seems it’s inevitable that the next cyber attack is just around the corner.
A time for focusing on cybercrime
With this in mind, it’s not surprising that the 28th January officially marked international Data Privacy Day. This annual event began in the United States and Canada in January 2008 and has now gone global, with more than 50 countries onboard, including the UK. It aims to empower individuals and raise awareness about how personal customer data is used, stored and managed – as well as to encourage businesses to respect privacy, safeguard data and enable trust. This is especially relevant for financial institutions like banks and insurers, which see consumers are entrusting them with sensitive data that, if breached, could cost them hugely.
The dual focus of Data Privacy Day on individuals and organisations shines a spotlight on one of the biggest questions in the age of data security: who is responsible, and accountable, for protecting customer data? Is it customers themselves, providers or even government bodies who should be taking charge? If these questions are left unanswered, the war on cybercrime will be lost.
Empowering customers to protect themselves
With the amount of international press attention raising awareness of cybercrime, individuals are all too aware of the threat of attacks. New research by McAfee reveals that 61 per cent of consumers are more worried about cybersecurity today than they were five years ago.
And for many, fraud isn’t just a potential threat – it’s a reality. The Symantec Internet Security Threat Report found that nearly 700 million people across 21 countries had experienced some form of cybercrime. This problem is made worse by the fact that they don’t know where to turn for help; 41 per cent of people globally can’t identify a phishing email and often guess to an email’s legitimacy.
However, steps are being taken by organisations like the UK’s Financial Fraud Action to educate consumers to at least spot basic signs of fraudulent activity. In 2016, the industry body launched Take Five, a national campaign offering advice to help people protect themselves from preventable financial fraud. Advice which all consumers can use to further secure their data includes never disclosing full passwords, and the warning signs to look out for in suspicious emails or texts which claim to be sent from their bank.
But this is just the start of the education process. What more can financial institutions do to help keep their customers safe from fraudulent activity?
An opportunity for financial institutions to take on a bigger role
When it comes to data security, financial institutions are arguably some of the most important businesses from a consumer standpoint. They turn to insurance providers for additional peace of mind and ensure they are covered when the worst-case scenario becomes a reality. If trust is lost due to data breaches, the relationship will be lost.
Similarly, banks exist to manage and protect people’s finances, so reducing a consumer’s exposure to financial fraud must be a core element of the business. At a time when challenger banks offer more choice for consumers than ever before, it’s important banks offer customers guidance when issues arise and do everything possible to stop them occurring in the first place.
At a time when customers have an abundance of choice, the provision of fraud prevention and resolution services could help them find a much-needed point of differentiation. They can move from the supplier of a specific service – such as a current account or house insurance – to a role in which they add value in multiple areas of the customers’ lives.
Such services would make a huge difference for the customer, especially when it comes to accessing hard-to-access areas like the dark web. The majority of customers won’t know what this is so definitely won’t know how to react if sensitive data is published here. Clearly, knowing that the dark web is being scanned for potential breaches offers additional peace of mind. If financial institutions are adding value in this way, not only will consumers feel safe in the knowledge their data is secure but they’re also more likely to become brand advocates when the business is going the extra mile.
Turning the spotlight on data protection
Although Data Privacy Day sets out to raise awareness of cybercrime on a global scale, it’s clear that keeping customer data safe vital all year round. Raising awareness is an important first step but organisations can also offer practical advice and services that further build trust with the brand and minimises the chance of consumers switching providers.
As hackers become increasingly knowledgeable about the weaknesses available for them to exploit customers, ignoring this simply isn’t an option for financial institutions. If they can make themselves indispensable in the fight against cybercrime, they can build towards a more loyal customer base – and keep their reputations intact at a time when data breaches will quickly hit the news.
It’s time for banks and insurers to look beyond the threat and instead see the challenge and increased responsibility as an opportunity to step up and fulfil a new role in their customers’ lives – whether it’s on Data Privacy Day or indeed, any other.