Though overall perception of the world’s risk has decreased in recent years, an astounding 71 percent of banks and financial services firms admitted to being concerned about data breaches and cyber-attacks.
The Travelers Companies, Inc. recently announced the results of this year’s Travelers Risk Index, which examines American consumers’ and business leaders’ perceptions of the major risks in today’s world and steps taken to mitigate them. Alongside cyber threats, liability and compliance spur major worries, as well; 62 percent of banks and financial services firms worry a great deal about legal liability, while 60 percent are concerned about compliance with federal regulations; and more than half (52 percent) worry about their ability to understand and comply with potential changes to Dodd-Frank Act. So, despite an overall brighter outlook for businesses, banking and financial services businesses, specifically, are increasingly seeing more risk in their business environment.
Financial issues remain the leading concern for both consumers and businesses, though such consumer worries have decreased in the last year (64 percent versus 70 percent). Identity theft and personal safety follow in rank for consumers, but cyber threats stand as a major, leading concern for consumers and businesses alike.
As we traverse the Information Age and our increasingly interconnected world, both groups fear cyber attacks and hacking (and theft) of financial accounts and personal or proprietary data. More specific concerns have held steadfast as well. Security breaches rank highest (50 percent worry at least some about this), followed by computers becoming damaged or going down (48 percent). Someone gaining access to the company’s banking accounts or financial control system ranked third (47 percent).
These concerns are intensified in the banking and financial services field; 57 percent of the sector reported that their business was becoming more risky, compared to 37 percent of all businesses. Sixty-two percent of commercial banks and credit unions said their business was becoming more risky, compared to 52 percent of mutual fund managers and other financial advisors.
Fewer than 1 in 5 are very confident in their ability to avoid or mitigate a cyber incident. At 70 percent, a security breach is of greater concern to this industry, compared with 50 percent of all businesses. Also, just over 1 in 5 banking and financial services businesses (21 percent) have separate cyber insurance, and more than half feel that they are already covered through other insurance.
Legal liability and government regulations also generate greater concern among banking and financial services companies than others. Businesses overall indicate concern about the Patient Protection and Affordable Care Act, pertaining to both costs and their ability to understand and comply with its potential changes. According to a survey, “Across businesses of all sizes, concerns about the ACA are superseded only by the broader risk of understanding and complying with new U.S. laws and regulations generally. About 4 in 10 worry about this.”
Despite the myriad of risks and worries, only 3 in 10 business owners/executives feel “very confident” that they are properly insured and only 57 percent feel “somewhat confident.” Overall, just 40 percent of all businesses regard insurance as an important management activity, and they are less likely to take measures that consider long-term, less immediate threats, including cyber risk care. Only 1 in 3 businesses review their data security plans and practices; less than 1 in 4 have created a cyber/data breach incident response plan (22 percent) or established employee data protection education and practices (22 percent).
Maybe we need to worry less and do more?