Speaker 1: The world of information security is one of continual change, as technological development has enabled new ways of working with information, but also new ways of stealing, defacing or compromising it. Today, the financial services industry is becoming more dependent on technology. With this, managing data privacy is becoming more important. Because this industry revolves around trust and security, it has been a very attractive focal point to cybercriminals. In fact, it has the highest number of security incidents and cyberattacks, surpassing other major industries such as transportation, professional services or retail. This comes as no surprise considering the significant value of data collected and stored by financial institutions and the potential payoff from a successful hacking operation. Regardless of where your financial institution is located, it is imperative for senior managers like you to understand why privacy is important and how you can stay ahead of potentially increasing regulatory and consumer scrutiny. Privacy is in itself a value that needs to be protected. But why is it so important for your company? First of all, it facilitates trust. Your customers trust that you have the proper security in place to prevent their information from being stolen. They are also putting in confidence in the fact that your institution will not abuse that information by selling it to other entities without their explicit consent. Failure to respect your customer privacy can damage your firm reputation and erode trust. It may also cause real psychological and financial damage to your customers. If your customers don't trust you to protect their sensitive information and use it responsibly, your efforts to leverage data to offer a better customer experience and remain competitive are in vain. A high degree of customer trust means that people will be more engaged and might be willing to trade privacy in return for benefits, allowing you to offer personalized and targeted offerings. By investing in a strong data privacy culture, you can also increase your customer-centric focus and position yourself as a safe financial institution, gaining competitive advantage. In addition, the financial impact of a loss of brand reputation and trust after a cybersecurity incident is particularly concerning for companies in your sector as they experience the highest rate of customer churn after a breach. One major reason for this is because customers have to deal with fear regarding the safety of their finances. Moreover, your company needs to make privacy of data a priority not only to protect your business and customers but also to meet regulatory requirements and industry standards. As a senior manager, you are responsible for tracking how laws in different countries affect your business operations and remain aware of the progressions being made by proposed legislations. Failure to make adjustments for these changes could result in large fines and legal issues. What is more is that the threat landscape is widening. Cyberattacks on financial institutions are increasingly sophisticated. You've seen website-based attacks known as distributed denial-of-service paralyzing bank websites with traffic and blocking customers from using internet banking. You've also heard of phishing scams often used to gain access and steal sensitive user data, including login credentials or credit card details. Moreover, man-in-the-middle attacks or SQL injections have also made headlines in the news. Accepting the fact that these attacks can lead to issues such as identity theft, insecurity, appropriation, or breach of confidentiality, you need to be aware of how to manage data privacy. It is difficult to manage risk if you don't know where you are exposed. A first critical step in managing data privacy is understanding what types of sensitive data your financial institution collects, where it is stored, who can access it, and how it is used. This also includes understanding what data is aggregated and anonymized, ensuring that if disclosed it cannot be tracked back to the individual. You may think that all these hacks happen because of a problem in the security system design. However, human error is a significant contributing factor. This is why you need to ensure that your employees are sufficiently educated on common standards when it comes to data privacy. Rather than investing significant operational resources to deal with privacy issues, your firm needs to take a proactive approach to data privacy risk management. Privacy is not just a compliance issue, it is a business issue, and making it part of your company culture can have a significant return on investment. A new operating model might be required alongside strategic investment in talent, new tools, and technologies. The task is complex, but the price is valuable. A secure financial system for the digital age. www.microsoft.com www.microsoft.com www.microsoft.com