How Financial Services Employees Feel about Cybersecurity
A new study shows that most people working in regulatorily sensitive industries such as financial services are aware of the importance of cybersecurity and privacy policies, but employers should still shape their communications to include more practical tips.
As more employers invest in cybersecurity initiatives and the workforce becomes increasingly autonomous in a post-pandemic world, Mobile Mentor, a company that provides security and support for remote workers, has released a study that explores how employees perceive privacy, security, productivity and personal well-being in the modern workforce.
Mobile Mentor says the goal of its inaugural report, “The Endpoint Ecosystem 2022 National Study,” is to educate and inform employers in regulatorily sensitive industries how to prevent security breaches—and then how to attract and retain motivated employees.
The pandemic forced many people to work remotely and to utilize both work and personal devices, the study notes. In part due to the growth of remote-first work during the pandemic, there has been a 500% increase in cybercrime, which in turn increases the focus on cybersecurity training in industries such as health care and financial services.
In the U.S., 61% of financial industry employees see a security policy every time they log on to their computer. However, survey evidence suggests many employees don’t actually read security policies, and instead just click to agree. The study suggests a more effective reminder would be using short practical tips or a thought-provoking question on security.
The study finds there is a healthy and appropriate fear of data breaches, both from an organizational and personal standpoint. Some 63% of employees believe they will get fired for a data breach, while 59% believe their executives should be fired for a breach. A whopping 33% know someone who caused a breach. The study authors say these numbers show workers in the financial services industry are more aware of the gravity and cost of a security breach relative to other sectors.
Passwords present a major vulnerability, according to the study. The responses show government workers have the least number of passwords and often the least sophisticated, while those in finance have a greater number of strong passwords. According to the study, 18% of people in the finance industry use the password reset feature daily, while younger employees use “forgot password” or “reset password” features at work much more than older workers. Across all industries, only 31% of people manage their passwords with a password management tool, while 29% write work passwords in a personal journal and 24% store work passwords using notes on their phone.
Another security risk highlighted in the survey relates to the use of personal devices. While 64% of people use personal devices at work, only 31% of employers have a secure “bring your own device” program. Unsecure personal devices can put companies at significant risk when company data is exposed on an unmanaged app on an unmanaged device with no security controls.
Health care workers feel the strongest of any industry about protecting their personal information, while Baby Boomers feel the strongest about protecting their personal information, the study says. Generation Z showed an extreme bias for privacy over security, with 82% saying their personal privacy is more important than company security.
According to the study, younger workers (Gen Z and young Millennials) don’t see a clear line between their work and personal lives. The study shows that 57% of younger employees use their work devices for personal use, while 71% use a personal device for work and 46% allow family members to use their work devices.
The study also looked at where employees felt the most productive and satisfied, with workers across all industries and generations feeling more productive working in an office than at home. Other findings show financial workers care the most about job satisfaction and government workers the least. Additionally, 71% of remote workers report better job satisfaction now than they did two years ago, while only 53% of office workers say the same.
By using this site you agree to our network wide Privacy Policy.
Financial Literacy Commission Eyes Climate Change and Crypto Scams
During a recent hearing, members of the commission discussed the interplay of climate change, crypto assets and the financial wellness of everyday Americans—pledging to take coordinated actions to address a complex web of emerging risks.
The Financial Literacy and Education Commission was established under the Fair and Accurate Credit Transactions Act in 2003.
In the nearly two decades since its founding, the commission has played an evolving role as a coordinator of cross-agency regulatory projects, including through its creation of the mymoney.gov website and in its pursuit of a national strategy on financial education. Per its founding charter, the commission is chaired by the secretary of the treasury, while the vice chair is the director of the Bureau of Consumer Financial Protection. The commission is coordinated by the Department of the Treasury’s Office of Consumer Policy.
Under the Biden-Harris administration, there are some emerging signs that the commission is revamping its efforts to define and pursue a financial literacy strategy at the federal level. For example, in October 2021, the commission launched an effort to study and communicate the financial impacts of climate change on households and communities, with the stated goal of identifying priority policy actions that can increase household and community financial resilience.
The commission also pledged to explore other emerging financial risks to households and communities pertaining to such topics as cybersecurity and crypto assets, especially from the perspective of supporting low-income and historically disadvantaged communities.
Last week, the commission held an open hearing on these topics, featuring frank commentary by officials from the U.S. Treasury, the Office of the Comptroller of the Currency, the Bureau of Consumer Financial Protection and other key federal agencies. Among the speakers were Rohit Chopra, Director of the Bureau of Consumer Financial Protection, and Michael Hsu, Acting Comptroller of the Currency.
According to Chopra, federal regulators are coming to appreciate the fact that financial literacy can “sometimes be a double-edged sword.”
“When financial literacy programs work well, they prepare consumers to be vigilant and engaged in their own financial lives,” Chopra said. “Good financial literacy programing helps people learn to negotiate and to speak up when something is wrong. However, financial literacy, or more properly the lack of financial literacy, is too often used as a blame-and-shame tactic that seeks to silence those who are subject to wrongdoing or mistreatment in the financial services marketplace.”
Chopra encouraged his fellow commission members to embrace the fact that the pursuit of financial literacy is not merely a matter of individual responsibility; it also relates to systemic issues of fairness and transparency in the financial services industry. To support his argument, Chopra pointed to some of the emerging financial challenges the U.S. has faced related to climate change, underscoring how individuals and institutions must adapt in tandem to prevent widespread hardship and economic injury.
“Our personal finances have never been siloed from world events, but it has become glaringly obvious that the world around us affects our own bank accounts and financial well-being,” Chopra said. “Whether taking out a loan to buy a house or a car, it seems that families and businesses today have to contend with growing and shifting risks related to fires, flooding and other environmental issues. These are not novel challenges that Americans face, but with climate change, the risks are increasing exponentially.”
Chopra pointed to government data showing nearly 15 million U.S. homes are now at substantial flood risk, while some 4.5 million homes are at high or extreme risk of damage or outright destruction from wildfires. Despite these alarming numbers, he said, there is strong evidence to suggest that these risks are not being fully accounted for in the housing market or by mortgage lenders.
“New residences are still being built in areas of significant threat of sea level risk,” he observed. “Sea level rise risk is not being considered by many homeowners, particularly those who are skeptical of the proven climate science. It’s amazing to see that there are between $60 billion to $100 billion in new mortgages still being issued each year for coastal homes. Simply put, when climate risks are fully reflected in home prices, it is very probable that some of these mortgages and homes are going to be literally and financially underwater in the near future.”
Chopra said it is the responsibility of government and industry to support individuals as they grapple with a changing world.
“We must step up and confront the collective economic risks of decreasing property values, unaffordable insurance coverage and skyrocketing repair and maintenance costs,” Chopra said. “These challenges are national. They are truly everyone’s problem, but today, the laws governing the disclosure of flood risks and fire risks are simply inadequate. For example, more than 20 states require no disclosure at all of flood history when a person is buying a new home, and just one state, California, requires the disclosure of fire risk.”
Chopra emphasized that this type of issue is present across the U.S., in both reliably red and reliably blue states. He called out, as an example, a policy in New York that allows a home seller to opt out of key environmental disclosures, such as whether the home is located within a flood plain, by simply paying a fee.
“It’s easy to understand why this happens,” Chopra said. “I have seen reporting that shows how a $500 increase in annual flood insurance triggered by such a disclosure can in turn reduce a home’s value by as much as $10,000. There is a direct, perverse incentive against proper disclosures. What does this have to do with financial literacy? It’s about fairness. Today, people too often need to put on a detective hat to figure this stuff out.”
Chopra emphasized that access to reliable and current information about something as financially important as the purchase of a new home should not be so hard for individuals to obtain.
“I believe this commission must take an all-hands-on-deck approach to these cross-cutting issues, and I believe we are doing so,” Chopra said. “It is our job as regulators and policymakers to not simply leave Americans to figure this out on their own.”
Hsu offered related commentary, from his perspective as the Acting Comptroller of the Currency, regarding the dizzying evolution of the cryptocurrency and digital asset marketplace.
“Similar to the need to improve the systemic understanding of climate risks and how to address them, the same is true with respect to educating consumers about cryptocurrencies,” Hsu said. “These assets have simply exploded in popularity.”
Hsu pointed to data showing holders of crypto assets skew significantly younger, more financially vulnerable and more diverse than the general population. Of all crypto owners, he said, some 70% were born after 1980, while 56% earn less than $50,000 per year. He said other research shows that, among under-banked consumers, some 37% own crypto assets, compared to 12% of the totally unbanked and 10% of the adequately banked.
“The risk of scams and hacks is high and growing and must be addressed by individuals and institutions,” Hsu said. “In 2021, crypto theft hit $3.2 billion, which is a more than 500% increase over just 2020. Scammers are defrauding people using a variety of methods, from romance ploys and blackmail schemes to high-profile hacking scams. The biggest threat seen in 2021 were so called ‘rug-pulls,’ wherein legitimate-seeming crypto projects were used to fraudulently attract and then steal $2.8 billion.”
Hsu said both regulators and the financial industry must step up to the challenge regarding crypto misinformation.
“In the crypto industry, marketing materials and misinformation dominate,” he said. “All the crypto platforms have slick marketing materials that are described as educational, but which are in reality geared towards onboarding new customers. Today, it is nearly impossible to find neutral information about something as simple as the basic fees crypto investors are paying now or may pay in the future. What consumers can find easily is hype, jargon and boilerplate disclaimers.”
Hsu said he hopes the members of the commission can create a source of neutral, trusted and authoritative information—likely on mymoney.gov—that people can use to learn about crypto in an unbiased way.
“Don’t get me wrong, while crypto is a risky investment that is not suitable for everyone, it is also not going away,” Hsu said. “Already, one in five U.S. adults has exposure to crypto, which is as many as have holdings in fixed-income instruments.”
Hsu said that figure demonstrates the sweeping need to address this emerging asset.
“We’ve all seen the accounts on social media of people thinking about or being encouraged to go ‘all in’ on crypto,” he said. “They seem driven by a hope of capturing the upside, by fear of missing out on the next rally and by the belief in the promise of ‘democratizing’ finance. These drivers have strong emotional appeal, and so we must work collectively to ensure people are able to think clearly and realistically about what crypto assets can and cannot do to help improve their financial situation.”
