UK organisations have contradictory attitudes towards the voice channel, increasing the chances of their customers’, employees’ and partners’ data being exposed to unauthorised parties, according to a voice security product company. And as a result, businesses could be falling foul of the new General Data Protection Regulation (GDPR), warns Aeriandi.
The study was carried out at the recent IFSEC International show in London, the security exhibition. Some 100 visitors were asked a series of questions to understand their attitudes to voice technology plus their company’s use of the voice channel to communicate with customers.
Some 70 percent believe that securing the voice channel is an important part of the IT security mix, with 68 percent stating that it should fall under the scope of IT security. However, when questioned about who, within their company was responsible for voice, only around one third – 37 percent – stated that it fell under the remit of their IT security team. The remaining 64 percent of respondents said that responsibility lay with the contact centre, customer care, general IT (not security) or telco and networking teams within their company.
When it comes to the importance of voice, and the voice channel, two thirds – 69 percent – of those questioned responded that it is not a top priority for IT security. This view was reflected in the security posture of their own companies, with almost half – 47 percent – stating that voice security was either not a priority, or a lower priority than other threats including malware, phishing and trojans.
The contradiction in attitudes was highlighted by the fact that nearly three quarters of those surveyed – 72 percent – believe that advances in voice technology pose a significant threat to enterprise security and 40 percent think that more resources should be allocated to protecting the voice channel within their company.
Matt Bryars, co-founder and CEO of Aeriandi, said: “We live in an age where the topic of data security is barely out of the news. Many organisations live and die by their ability to keep our data safe, which is why billions of pounds a year are spent on doing just that. However, a chain is only as strong as its weakest link and for many organisations, the voice channel is an often-overlooked vulnerability that ends up being its downfall. With estimates that between 30 to 50 per cent of all fraud incidents are initiated with a phone call, organisations must give the voice channel equal priority to other cyber-attack vectors.”
