46% of financial institutions had a data breach in the past 24 months


As the financial industry is the most targeted sector for data breaches in 2024, it’s now more important than ever to strengthen the industry moving into 2025, according to SailPoint.

Financial institutions face growing cyber threats

In 2024, roughly 65% of financial organizations worldwide reported experiencing a ransomware attack, compared to 64% in 2023 and 34% in 2021.

46% of financial companies recorded indicated they had a breach in just the last 24 months. 80% of organizations are concerned about vulnerabilities resulting from overprovisioning third-party identities or non-employees, which increases the risk of cyberattacks.

Additionally, a rapid influx of identities that often come with mergers and acquisitions (M&As), increases risk according to 77% of respondents. Companies that have acquired other companies may lack visibility into the additional identities’ access, which can lead to over-provisioning, access delays, and other identity challenges during offboarding and transfers.

Majority of existing identity security solutions do not cover non-employees (contractors, partners, etc.) but less than half (47%) reported a desire to address this gap.

“As financial services institutions grow and transform, so too has their cyber risk,” said Wendy Wu, CMO, SailPoint. “In addition to the complexity that mergers and acquisitions introduce to their identity landscape, the influx of machine and third-party identities with access privileges that require protection, and the increased amounts of unmanaged sensitive data have brought to light new areas of risk that, if left ungoverned and unprotected, will result in a growing number of data breaches targeting this sector of the enterprise market.”

Compliance challenges impact most financial organizations

Compliance is another shared frustration among financial service organizations, with 93% finding it difficult to remain compliant. Respondents’ most common pain points include a lack of resources, cumbersome manual processes, and large time commitments. As a result of these struggles, 64% received an identity-related audit citation over the last two years. Reducing cyber and compliance risks are among the most important factors when considering an identity security solution.

Moreover, numerous findings within the report indicate many identity security tools require too many manual processes (53%) and lack automation (49%). These issues are directly related and result in slow and error-prone processes, compliance issues, and increased risk, especially during large-scale identity increases from M&As.

These tools do not provide analytics to help reveal risks—such as overprovisioning, a lack of separation of duties, excessive third-party access, and anomalous access—placing the burden on identity security teams who are already buried in manual processes.

“The financial services industry remains a prime target for cyberattacks, driven by its vast trove of personal data,” said Wu. “With the average cost of a breach being over $6 million and regulatory fines escalating with each passing year, these findings reinforce the critical need for a modernized, automated approach to identity security. All identity data within an organization needs to be unified within a singular, centralized holistic platform for better visibility and management of all identities. With unified data, organizations gain more context, like what is happening within the organization, what activity could be a threat, and how to address it.”

The insights in this report are based on a global survey of more than 300 Identity and Access Management (IAM), IT security, and audit and compliance leaders focusing on the current state of identity security within the financial services industry.



Source link