Abstract
In today’s digital age, financial institutions rely on data pipelines to manage and process the large volumes of data they receive or generate including but not limited to transactional data, customer information as well as market analytics. Data pipelines serve as tools to efficiently move, process and store data across different systems. They enable real-time data analysis support decision making and enable seamless business operations. However, this dependency comes with a need to secure the pipeline against potential vulnerabilities which may lead to severe data breaches, financial losses, regulatory fines, and reputational damage.
This study explores the security challenges within data pipelines, focusing on identifying the most vulnerable components and understanding the factors that lead to data breaches. Through an analysis of key components such as data sources, processing, storage, and data sink this research aims to uncover the most compromised components in terms of data security.
The study employs a positivist research philosophy, focusing on empirical evidence and real-world cases of data breaches in the financial sector to explore the security challenges within data pipeline components. Findings indicate that the data storage and data sink components are the most frequently compromised components in data breaches. Research further found that software vulnerabilities and system vulnerabilities are the primary factors exploited by attackers. The research also highlighted that all these breaches compromised the confidentiality trait of the information security model and are also in breach of principle 7 of the POPIA act which would result in financial fines or imprisonment for the affected organisation.
The study underscores the critical need for financial institutions to strengthen the security of their data pipelines, particularly protecting the data storage and data sink component. By addressing software and system vulnerabilities organisations can significantly mitigate the risk of data breaches as well as ensuring the confidentiality of their sensitive data.