The life and pensions industry dedicates an average of only seven per cent of its IT budget to security.
According to Logica's white paper ‘Information security in the UK life, savings & investment and pension sector', the industry has recognised the lessons of recent data security breaches, the industry still has a small spend on data security.
In comparison to a 20 per cent by the banking industry, the majority do not see security as a board issue and no formal measurement procedures or formal governance structures are put in place.
Andrew Lloyd, director of Strategic Solutions in the Financial Services division at Logica in the UK, said: “While the survey shows that the industry is taking the issue of data security seriously, this is not being translated into concrete actions. Security is a boardroom issue and customers are increasingly demanding greater levels of accountability. Investment in data security must increase very substantially in order to mitigate against the loss of market share and loss of reputation.
“Given the global financial crisis, the issue of information security is increasingly urgent. The industry must instill a sense of consumer trust in a time of uncertainty, as many customers fear their savings and pensions are unsafe. The credit crunch might also lead to an increase in on-line fraud, making the case for increased investment and accountability for security even more important.
“By implementing simple and cost-effective techniques, security risks can not only be dramatically reduced but, equally important, market share and revenues can increase. For example, digital signatures are now widely used in the banking industry, eliminating the need for physical signatures, while at the same time speeding up the sales process. Companies should also be cleaning their databases frequently, ensuring that former staff and third parties are no longer live on the system.
“Implementing security solutions can certainly give a company a competitive advantage by helping to avoid barriers to access, reducing costs, enhancing its reputation – and preventing data leaks.”