EXECUTIVE SUMMARY:

The financial sector is a leading target for cyber criminals and cyber criminal attacks. Markedly improving the sector’s cyber security and resilience capabilities are a must. While the sector does have a comparatively high level of cyber security maturity, security gaps invariably persist and threaten to subvert systems.

As Check Point CISO Pete Nicoletti has noted, attackers only need to get it right once in order to catalyze strongly negative, systemic consequences that could send shockwaves throughout companies and lives across the globe.

In this article, discover financial sector trends, challenges and recommendations that can transform how you see and respond to the current cyber threat landscape.

Industry trends

• According to a newly emergent report, 65% of financial services sector organizations have endured cyber attacks.
• The median ransom demand is $2 million. Mean recovery costs have soared to roughly $2.6 million – up from $2.2 million in 2023.
• The size of extreme losses has quadrupled since 2017, to $2.5 billion.

The potential for losses is substantial, especially when multiplied in order to account for downstream effects.

Industry challenges

The majority of financial leaders lack confidence in their organization’s cyber security capabilities, according to the latest research.

Eighty-percent of financial service firm leaders say that they’re unable to lead future planning efforts effectively due to concerns regarding their organization’s abilities to thwart a cyber attack.

There is a significant gap between where financial sector institutions want to be with cyber security and where the industry is right now.

Preparing for disruption

Beyond cyber security, financial sector groups need to concern themselves with business continuity in the event of disruption — which is perhaps more likely than not.

“While cyber incidents will occur, the financial sector needs the capacity to deliver critical business services during these disruptions,” writes the International Monetary Fund.

A major disruption – the financial sector equivalent of the Colonial Pipeline attack – could disable infrastructure, erode confidence in the financial system, or lead to bank runs and market selloffs.

To put the idea into sharper relief, in December of 2023, the Central Bank of Lesotho experienced outages after a cyber attack. While the public did not suffer financial losses, the national payment system could not honor inter-bank transactions for some time.

Industry recommendations

Organizations need innovative approaches to cyber security — approaches that prevent the latest and most sophisticated threats. Approaches that fend off disaster from a distance.

At Check Point, our AI-powered, cloud-delivered cyber security architecture addresses everything — networks, endpoints, cloud environments and mobile devices via a unified approach.

We’ve helped thousands of organizations, like yours, mitigate risks and expand business resilience. Learn more here.

For additional financial services insights, please see CyberTalk.org’s past coverage. Lastly, to receive cyber security thought leadership articles, groundbreaking research and emerging threat analyses each week, subscribe to the CyberTalk.org newsletter.