Posted on Oct 26, 2017
Our recently released 2017 Financial Report is drawn from an analysis of approximately 3,000 financial institutions, and highlights cybersecurity performance challenges faced by financial institutions as compared to other industries. You can read the full report here, but we wanted to highlight just a couple of the key findings from this report.
Financial Industries Are Still Not Securing Passwords
Although the U.S. financial industry ranks Number 3 in performance out of 18 of the U.S. economy’s primary industries, the sector still struggles with multiple key areas of cybersecurity risk.
After the LinkedIn breach and several other breaches causing negative impacts for financial institutions, it wasn’t surprising when many institutions put a focus on employee security awareness training. But these efforts, as well as the need to improve security of IT infrastructures, have room for improvement as financial institutions are still performing weaker than many other industry sectors, falling in the bottom half of the 18 industries surveyed in the report.
This continued battle to properly secure passwords and educate employees may be one of the reasons why the IBM X-Force Threat Intelligence Index 2017 says 58 percent of cybersecurity attacks in the financial sector come from the inside.
Read about the financial sectors other areas of cybersecurity weakness here.
Hackers Target Financial Institutions
Last year’s IBM Security Trends in the Financial Services Sector reported that more than 200 million records were breached in the financial sector, an example that hackers were in fact targeting this sector. In our report, we explored whether in 2017, that was still the case.
Looking at a six-month snapshot, we found that the financial sector was breached more than 11 other industry sectors, including the retail and pharmaceutical sectors.
With hackers continuing to target this industry and the industry’s efforts still falling short, the underlying message of this report is that while the financial sector’s cybersecurity performance is not the worst, they still have room to improve.
Download the full 2017 Financial Report here.
Interested in looking at the cybersecurity performance of another industry sector? Check out our 2017 U.S. Government Report.
With hackers finding new ways to attack third-parties in hopes of infecting a larger organization, the third-party ecosystem is more fragile than ever before.
The purpose of IT security risk assessment is to determine security risks to your company’s critical assets, and how much funding and effort should be used in their protection. Get started with SecurityScorecard’s step-by-step guide to managing your cyber risk.
No waiting, 100% Free
Get your free scorecard and learn how you stack up across 10 risk categories. Answer a few simple questions and we'll instantly send your score to your business email.