At least 12 major cybersecurity breaches affecting hundreds of millions of people took place in 2017. These major breaches were largely caused by hackers getting through inadequate or relaxed technical barriers.
The credit agency Equifax breach, finally made public in September, months after it happened, involved 143 million people, whose private data — from Social Security information to driver license numbers — were stolen.
In December, Alteryx, a data analytics firm that had purchased data from Experian — another large credit-reporting agency — exposed the data of some 120 million American households.
Today, experts estimate that personal information for more than half the adults in America already is in the hands of cyberfelons. What can be done by broker-dealers and other financial-services companies?
“Authentication is now the primary defense, since the felons have already stolen the data,” said Lou Harvey, CEO of Dalbar, an independent financial-services market research firm, in an interview with ThinkAdvisor.
(Please try this short advisor Cybersecurity Survey.)
The speed at which cybercriminals launch attacks means the industry has no choice but to be more vigilant in protecting the precious information it keeps for its investors, so it can give more peace of mind to advisors and their clients.
The public already sees cybercrime as a major threat. Research by Bitdefender, a cybersecurity technology provider based in Bucharest, Romania, finds U.S. citizens are more concerned about stolen identities (79%) than email hacking (70%) or home break-ins (63%).
One major problem for the financial-services industry is that authentication methods are “severely outdated,” according to Harvey. “Many institutions have not yet recognized that cyberfelons already have the data to beat these practices. Millions of clients’ assets are at risk.”
To determine the state of current authentication practices today, Dalbar, a Boston-based research firm; ThinkAdvisor; and 15 major financial-services firms are working together to study and locate the real threats in cybersecurity authentication and then will “create a roadmap to improving protection,” Harvey says.
By surveying broker-dealers, RIAs, mutual fund and insurance companies, and retirement plan providers on current practices, this confidential study will gauge current authentication methods and hence shape ways to improve them.