Editorial & Advertiser disclosure

Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Home > Finance > How financial services can reduce the risk of a breach

How financial services can reduce the risk of a breach

Published by Jessica Weisman-Pitts

Posted on February 16, 2022

4 min read

Last updated: January 20, 2026

Businessman demonstrating digital security concepts for financial services - Global Banking & Finance Review — An image depicting a businessman emphasizing the importance of digital security practices in financial services to mitigate data breaches. This relates to how financial institutions must adopt robust communication security strategies.

By Rick Goud, CIO & Founder, Zivver

With so many communications being handled digitally, and new channels emerging almost all the time, it’s not surprising that data and information quantities have exploded. But these days, safeguarding data goes beyond strong encryption and defending against cyber attacks. For a number of reasons, many financial companies have yet to adopt a more holistic approach to communication security, which in turn can put sensitive data at risk.

For data security, wealth management and insurance firms have a bigger target on their backs than most businesses. However, when strategising for data loss prevention in email, the focus for IT leaders traditionally remains on incoming and malicious attacks, leaving finance organisations open to the leading cause of data incidents. According to ICO reports, these are most commonly non-cyber related issues.

In the wake of a widespread adoption of remote working, email has become an even more essential tool for businesses. Yet as digital communication links have rapidly developed in the last year, so too have the number of vulnerabilities that cyber criminals can exploit. To close these gaps, wealth management and insurance firms need solutions which combine secure technology with watertight email practices.

Remote working has permanently changed the way businesses deliver advice and serve their clients. The way we work has changed; our workspaces have moved away from offices and conference rooms towards a heavier reliance upon email, instant messaging, and video calling for sharing confidential information. Employees have adapted to working from home; however, with our days busier than ever, it’s inevitable that, occasionally, mistakes will happen.

Did you know that most email users are sending around 30-40 emails a day? Now think about the fact that the wealth management sector in particular deals with extremely confidential, high-profile and/or high net worth proceedings. Those 30-40 emails could contain information relating to a client’s savings, investments, income and financial commitments.

Outbound security is key

Built-in security of email platforms fails to deliver sufficient protection against these ‘outbound’ email-borne security breaches. Likewise, many employees do not know how to recognise emails sent with malicious intent and take action, opening new opportunities for inbound threats missed up by the platforms’ shields and filters.

High-value fraud attempts via business email compromise (BEC) continue to make it through O365’s native security solutions, leaving firms more exposed to data breaches. These organisations often hold as much personal information, corporate data, customer information and financial data as banking institutions, despite having smaller budgets or a smaller-headcount on their security teams to ensure their digital perimeters are secure. In fact, research revealed only 31 percent of smaller family offices had implemented cyber security measures, versus 60 percent of larger operations.

The fact is that most of today’s security solutions focus on threat protection and are built to keep ‘inbound’ risks – malware, phishing attacks and spam – at bay, as these are consistently viewed as the biggest risks to email security. But when it comes to misdirected emails (reported by The ICO as the number one non-cyber security incident faced by businesses in the finance, insurance and credit sectors) it is clear that data loss via human error or more insidious insider threats are security risks that are consistently overlooked.

It’s not enough to focus solely on inbound threats and keep the attackers from coming in; businesses need to ensure they prevent sensitive data being accidentally or maliciously sent out. But why aren’t existing email security solutions doing this?

Popular email service providers may have outbound email filtering rules – but these are often too rigid to adapt to evolving ways of working, and often depend heavily on IT teams having to constantly update and configure them.

Outbound emails accidentally sent to the wrong recipient, with the wrong document attached, with the wrong person cc’d, often result in a data breach, resulting in reputational damage, penalties due to a failure to comply with data compliance laws and a financial loss in more ways than one.

Business leaders must question; do their existing security solutions do enough to empower employees in protecting day-to-day communications? After all, preventing data leaks requires organisations to increase their focus on outbound email security, which includes preventing unauthorised access with two-factor authentication. If done in a way that is user-friendly, while also being simple to implement and maintain, financial organisations can unlock business value.