Connect with us


How ransomware attacks are eroding UK consumers’ trust in banks

How ransomware attacks are eroding UK consumers’trust in banks

By Mick Bradley, VP EMEA, Arcserve

We have seen the massive financial ramifications of ransomware attacks, with January’s well publicised attack on Travelex thought to have caused £25 million pounds in lost earnings, in addition to the £2.3 million that was paid to hackers. However, the impact that these incidents have on customer loyalty and trust has not been given the same attention, despite how critically important it is to a business’ long-term success.

Our recent survey found there is no compassion shown towards businesses that suffer ransomware attacks and take too long to recover, and that these memories continue to have significant and long-lasting effects on consumer perception. Almost 6 in 10 consumers said they would likely avoid purchasing from a business that had suffered a cyberattack within the past year, and just under half would avoid businesses that suffered one within the last three years -an extremely long time in the world of IT. Financial institutions may well end up paying dearly for mistakes made in the past, even though their ransomware prevention practices may have improved significantly in that timespan.

In the finance industry, trust is especially key. Nearly half of consumers would walk away from a bank or securities provider after a single ransomware-related disruption. In fact, consumers of financial services are more likely to make the switch to a competitor in the wake of a ransomware attack than those in healthcare, insurance, utilities or retail. Where consumers choose to put their money is a sensitive, emotional topic and this is clear in how UK consumers vote with their wallets in response to ransomware incidents. This clearly shows that cyberattacks have much more severe revenue implications than simply the short-term costs, so it’s critical that financial institutions make use of IT best practices to defend themselves if they are to have any hope of keeping the trust of UK consumers.

 How financial institutions can prepare for ransomware attacks 

Mick Bradley

Mick Bradley

Employee training will always be a vital component of ransomware prevention, particularly considering the ongoing prevalence of phishing attempts and sophisticated email fraud. But banks also need the right underlying IT infrastructure to support this. Good disaster recovery planning starts with having a firm idea of your organisation’s recovery point objectives (RPOs), or how much data a business can afford to lose, and recovery time objectives (RTOs), how quickly that data can be recovered. However, this is often no longer enough. As a result of increasingly sophisticated methods being used by cybercriminals, backups themselves are now prime targets for ransomware attacks, and should be treated as an essential part of critical infrastructure. Organisations would be wise to integrate threat detection protocols that can effectively detect and neutralise incoming ransomware threats targeting backups. Otherwise, they risk losing their final line of defence and sacrifice their chances of maintaining business continuity.

A hybrid cloud-based approach to disaster recovery, where a mixture of private, public and on-premises storage is utilised, can also be extremely useful for banks. Having multiple recovery locations adds an additional layer of safety to IT infrastructures. As workloads and applications are stored both on-premises and in the cloud, this means that data remains secure and readily accessible if an on-premises server malfunctions or a public cloud backup provider becomes compromised. This means consumers can enjoy the 24/7 levels of service which they have become accustomed to.

Investing in the proper foundation for ransomware protection also brings opportunities and represents a way for financial institutions to differentiate their products and services from the competition and can be an excellent return on investment. Over half of those we surveyed said they would pay more for products and services they thought could reliably secure their information.

How the speed of recovery affects consumer perception

Ransomware attacks happen, and with the threat of human error and the constantly evolving litany of cyber threats, they can be hard to avoid completely – even with the implementation of rigorous cybersecurity practices and employee training. However, the way in which banks maintain their business continuity and bounce back from cyber-attacks is a decisive factor in consumer perception. Our study found that half of consumers would be willing to switch their financial services provider within just 24 hours of being forced to wait to access their information or make a transaction.

Maximizing your organisation’s ability to recover quickly is key. As a result of today’s on-demand economy, consumers have become accustomed to a high standard of service as result of their experiences from other industries. This means they will settle for nothing less than constant, instantaneous access to their money – particularly with the rise of the new challenger banks. As a result, banks should explore solutions which enable true ‘continuous availability,’ where there are no interruptions to customer experience because data and systems are being replicated in real-time. Banks should ensure that they are exploring options that provide true automatic fail-over, as opposed to “manual fail-over” where switchover isn’t triggered automatically, leading to increased delays, expenses, and upset customers.

With new strains of ransomware emerging on almost a weekly basis, entirely preventing their effects is a formidable challenge – however, it’s a challenge that’s uniquely consequential for the UK banking industry. Though consumers in other sectors may be marginally more lenient, even one ransomware attack, if not handled properly, has the potential to impact revenue for years to come. Banks should instead take an aggressive, informed approach to maintaining business continuity in the face of ransomware, because the consequences are dramatically further reaching than the weekly news cycle.

Editorial & Advertiser disclosure
Our website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.
Global Banking and Finance Review Awards Nominations 2021
2021 Awards now open. Click Here to Nominate


Newsletters with Secrets & Analysis. Subscribe Now