Only nine percent of Danish financial institutions have implemented key cybersecurity measures, according to new research published by Deloitte. The report evaluated response plans, self-defense plans, cyber awareness training and cyber hygiene.
The minimal implementation of these cybersecurity measures stands in strong contrast to self-assessments provided by survey participants at these firms. When asked to rate the level of their organization’s cybersecurity maturity, 72% of respondents rated their company 7 or higher between 0 to 10.
As banks and financial institutions struggle to comply with GDPR requirements, the report noted that 47% of participants claim their firm is highly able to comply with cybersecurity regulations. Over half of those surveyed said they can comply to some degree or didn’t know.
“We strongly recommend testing these assumptions and maturity levels in dependently and closing any gaps between the self-evaluations and the independent assessments,” states Deloitte in the report.
The report findings are collected from surveys sent to Danish finance companies. The research also reveals phishing and malware are frequently ranked one of the biggest risks by finance companies. Meanwhile, 40% of companies surveyed think about cybersecurity while a new digital tool is being developed and a third of the companies find it “difficult” to comply with government cyber regulations.