November 8 – MetricStream Research has released a new report, “The State of Cybersecurity in the Financial Services Industry,” which reveals that 66.2 percent of financial organizations faced at least one cybersecurity attack in the last year. The report, based on a survey conducted in July 2016, features the perspectives of C-level information security professionals in over 60 banking and financial services firms across the globe. The respondents represented financial enterprises of multiple sizes, as well as various segments, including banking, insurance, asset management, diversified financials, investment services, and foreign exchange services.
A spate of recent cyberattacks on financial institutions, including the Bangladesh Bank heist and the Banco del Austro hack, have propelled cybersecurity to the top of the corporate agenda, and prompted boards and executive teams to question the efficacy of their own cybersecurity measures. Financial institutions have always been a lucrative target for cybercriminals, given the massive volumes of data and money that can be stolen. Now, with the introduction of mobile banking, online banking, the cloud and other new technologies, cybercriminals have more potential routes to breach an institution’s cyber defenses. These factors make it imperative for financial institutions to have robust threat detection and risk management mechanisms, as well as strategies to swiftly respond to and recover from a cyberattack.
Against this backdrop, the MetricStream Research report provides in-depth insights into the cybersecurity landscape of financial institutions. The key findings of the report are as follows:
- 66.2% of organizations have faced at least one cybersecurity attack in the last year
- 48.5% of the surveyed organizations reported employees to be the primary conduit through which an attack was launched
- 91.2% of organizations have cybersecurity as a formal part of their Enterprise Risk Management (ERM) program
- For 70.6% of organizations, their cybersecurity programs include third parties
- Only 38.2% of organizations are using an IT GRC solution as one of the tools in their cybersecurity programs
“As the report demonstrates, an increasing number of financial institutions are falling prey to cyberattacks; in fact, many are not even aware that they’ve been attacked until it’s too late,” said French Caldwell, Chief Evangelist at MetricStream. He continued, “The best defense for organizations is to implement a pervasive and mature cybersecurity program that is integrated with their enterprise risk management framework, driven from the top, and based on the latest industry security standards. Technology can prove a valuable ally in this endeavor, by aggregating risk and threat intelligence from across the enterprise, and transforming it into the insights that organizations need to secure their assets, and protect their brand.”
To access the MetricStream Research report on cybersecurity, please click here.
About MetricStream Research
MetricStream Research offers you a range of cutting-edge GRC research reports, insights, and analyses that empower you to make informed and effective decisions on your GRC Journey®. Through primary and secondary research, we analyze the latest GRC trends and developments, and transform this data into the intelligence you need to drive exceptional performance.
MetricStream is the market leader in enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management Solutions. MetricStream solutions are used by leading global corporations in diverse industries such as Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government, Hi-Tech and Manufacturing to manage their risk management programs, quality management processes, regulatory and industry-mandated compliance and other corporate governance initiatives. MetricStream is headquartered in Palo Alto, California, USA (www.metricstream.com).