2018 in retrospect: The year of PSD2, GDPR and data breaches
As the year comes to a close, itis time to step back and have a good look at what happened in the past 12months in some of the most dynamic industries.
The regulatory space
It is without a doubt that 2018 has been a very challenging year for the business space. With PSD2 coming into effect at the beginning of the year, we have witnessed a lot of distress in the banking industry. As required, banks have struggled in their attempt to make their APIs public to allow TPPs to directly access their clients’ account details, this being the first step to an open banking system.
In order to remain relevant and retain a competitive advantage, banks had to innovate and let go of their traditional way of doing things. In this respect, we have seen a hype for artificial intelligence. A lot of banks have integrated AI capabilities into their systems to reduce costs, increase efficiency and be able to provide more customized products and services to their customers. According to a report by Accenture, 75% of banking CEOs believe that adopting artificial intelligence is critical to their organization’s ability to differentiate in the market.
However, banks have not been the only ones dealing with regulation this year. Companies operating in Europe have also had their world turned upside down due to the new data protection law. GDPR, which became effective on May 25th, requires both data controllers and data processors to ensure higher levels of protection for customer personal data. Yet, surveys indicate that in October 2018 less than 50% of organizations worldwide managed to become compliant. Moreover, it seems that one in five may actually never get there. European Data Protection Supervisor Giovanni Buttarelli declared at the time that he expects sanctions to be imposed in many European Union countries, hitting both private and public organizations.
Perhaps one of the reasons so many organizations are not yet compliant is that some of them are still confused by the applicability of GDPR. GDPR does not only affect European companies, but also the ones in the rest of the world with clients from the EU, and those with dual citizenships. As the rules are becoming increasingly stringent and the public’s demand for data privacy is higher, companies should really pay close attention to them.
Brexit leaves room for new ambitious goals
Now that UK is close to leaving the EU, others are aiming to become the new alternative to the London Fintech hub. France, the Netherlands and Portugal are only a few of the countries that have managed to consolidate their position in the current year. These fintech communities have taken additional steps to collaborate and create synergies with larger financial institutions. However, it remains to be seen if London is actually ready to lose the leading position in fintech. There are some that believe this will continue to remain unchanged.
“I actually think fintech will be one of the sectors least affected by Brexit. In a way, the EU hadn’t quite caught up with the tech when we voted to leave – so it’s one of the areas where you still see big European companies maintaining serious investment in the UK.”
George Osborne on UK fintech post-Brexit
Largest data breaches in the headlines
2018 has also witnessed a lot of data breaches and ransomware attacks in areas ranging from healthcare, banking and ecommerce to social media networks. All these have resulted in billions of people having their data stolen or made public. According to a survey by digital security company Positive Technologies, cyberattacks grew 32% in the first three months of the year and 47% during the April-June period as compared to the same periods in 2017. Several breaches in 2018 were among the largest of all time, including Marriott, the world's largest hotelier, British Airways, Google+ and Facebook.
The year has definitely not been a good one for Facebook. After the scandal in March, when Facebook admitted that tens of millions of users had their personal data hijacked by Cambridge Analytica, a political firm working for Donald Trump in 2016, a new security issue has been revealed in September. 50 million Facebook users have been exposed to ID fraud after the biggest cyberattack on the social media giant in its history. According to the company, hackers were able to access accounts on an unprecedented scale due to a security hole that had remained open for more than a year. Soon after, Facebook finds itself under the investigation again for exposing unposted photos from up to 6.8 million users.
Taking into account everything that happened, 2018 was not the best year we’ve had in a while, but also not the worst. With great technology developments, come greater risks and all that has happened comes to support this statement. Security companies have made significant advancements in the fight against cybercrime, so hackers have also stepped up their game. In the past two years we have witnessed new and stronger ransomware attacks that have managed to take half the world out of business. At the same time, we have registered major progress in the field of AI, which turns out to be a great ally in detecting and fighting fraud. 2019 is definitely going to be a more interesting and challenging one.
Here’s to new AI milestones, stronger data protection, super-smooth ecommerce checkouts and less frequent data breaches!
On behalf of the team at Press on Security, have a great 2019!