More than half (52%) of CISOs are prioritising GDPR compliance over the next 12 months, new data from the 2017 Financial Services Information Security Network shows

  • Latest survey conducted at the 2017 Financial Services Information Security Network event highlights the top security concerns amongst financial services CISOs ahead of GDPR coming into force in May 2018
  • 46% of CISOs said that security awareness management was a priority, up from 29% in 2016 

Over half (52%) of financial services CISOs are focusing on GDPR compliance as an investment priority for the upcoming year, data from the Network Group Events’ 2017 Financial Services Information Security Network event shows. The survey found that nearly three quarters (74%) of CISOs in the sector were prioritising security governance and compliance management in their cyber-security strategies, up from 64% at the 2016 event. This data highlights the areas of compliance CISOs will be focussing on ahead of the GDPR regulation coming into effect in May 2018.

The results also show that a growing number of CISOs are prioritising security awareness measures, with 46% placing awareness measures as an investment priority, a rise from 29% in 2016. However, despite a number of high-profile attacks, including those on Tesco Bank and TalkTalk, CISOs continued to focus less on DDoS protection, with just 23% planning to invest in systems that combat these attacks.

Jake Summerfield, Managing Director, The Network Group Events said:

“Financial Institutions are facing what can seem like an overwhelming challenge to ensure their systems and processes are compliant with the incoming GDPR regulation, and it can be difficult to prioritise this amongst day-to-day security threats.

“However, as our data shows, investment in GDPR compliance is clearly a key priority for CISOs. With this new regulation on the horizon, it’s not surprising that 74% of CISOs are prioritising investment in security governance and compliance management. Ensuring compliance with GDPR is going to be a momentous task for financial services firms as they adapt their processes and systems in line with the new regulation, but it’s crucial that these firms do not do so at the expense of investing in other vital security measures.”

The survey polled over 70 financial services security experts at the CISO or Head of Information Security level about their cyber-security strategies for 2017-18 and what measures they would be investing in. More than two-fifths of the CISOs surveyed came from large firms with over 10,000 employees, whilst 39% of respondents were from financial services companies that had a turnover of over £1.6bn.
