electronic documents, files, bureaucracy

Information security top operational risk concern

1 November 2020

Information security has become the top operational risk concern for financial services, a new report from ORX* has revealed. 

According to the report ‘Top Risk Review, Monitoring the ongoing change in the operational risk profile, October 2020’, more than four fifths (83%) of financial services organisations rated information security, including cyber, within their top five concerns for the coming 12 months.

The second biggest challenge was identified as Third Party Risk, while business continuity was rated third.

The research found that the Covid-19 pandemic had exacerbated information security risks for organisations, with a greater number of employees working from home and likely to have lower levels of information security.

With remote working arrangements proving more long-term than previously expected, 79% of respondents believe they have not yet seen the full operational risk impact of the pandemic. Two fifths (40%) believe the full impact will be felt over the next 12 months, while 37% expect it to be experienced over the next 18 months.

Steve Bishop, head of risk information, ORX, says: “Participants reported more frequent and sophisticated cyber attacks. A shift towards the digitalisation of products, services and work environments also increases exposure to information security threats.

“The pandemic has seen a rapid and seismic shift in our working environments, with large swathes of previously office-based workers now operating remotely from home where there tends to be lower levels of information security hygiene, particularly where fatigue may start to set in amongst employees as we progress through the winter.

“Furthermore, there is also a risk of control gaps opening up as financial services organisations accelerate their plans to digitalise their interactions with customers, running the risk of exposing legacy systems.”

Bishop added: “Information security and cyber risks are increasing in frequency and are here to stay.”

*ORX is a not for profit membership organisation for operational risk professionals working in financial services.

Professional Paraplanner