The latest PricewaterhouseCoopers (PwC) information information security results show that financial companies are still not doing enough for information security and privacy. Here are a few of the findings:
- “Over half of global financial firms have no accurate record of where customer and employee data is collected, transmitted or stored”
- “51 per cent of financial services providers said that they do not mandate third parties to adhere to their own privacy policies.”
- “Although 81 per cent of respondents to the PwC survey said they are ‘somewhat’ or ‘very’ confident in their own or their partners’ information security procedures, only 45 per cent carry out due diligence on third parties that handle sensitive customer and employee data.”
- “Some 41 per cent do not encrypt data stored in databases, 52 per cent do not encrypt file shares, 43 per cent do not encrypt backup tapes, and 33 per cent do not deploy laptop encryption.”
Tags: awareness and training, Information Security, information security study, IT compliance, IT training, policies and procedures, privacy training, PwC, risk management, security training