The World Economic Forum’s Global Cybersecurity Outlook 2025 Insight Report paints a bleak picture of what the year ahead holds for technology security teams worldwide. However, some industries are likely to be worse off than others. The financial sector, for example, is an attractive target for cyber-attacks, as confirmed by Statista which states that the average cost of a data breach in this industry in 2024 was approximately $6.08 million, compared to $4.88 for the overall average cost of a data breach across all industries. As such, financial institutions must prioritize cyber defense and take action to minimize the impact of attacks. One route to doing this is by automating aspects of cybersecurity so SOC teams can focus on higher-value activities.
According to the latest Threat Quotient research into The Evolution of Cybersecurity Automation Adoption, financial services organizations tend to be more mature in cybersecurity automation adoption than their industry counterparts. Further, they may have passed through the period of disillusionment that commonly occurs in the technology adoption cycle. This is evidenced by the report finding that 87% of financial services organizations value the importance of cybersecurity automation, up from 69% the previous year, which is mostly used to focus on incident response, phishing analysis and threat hunting.
However, given the growing complexities of the threat landscape, more needs to be done to equip financial organizations globally to prepare for attack. To try to counter this issue, governments have introduced new regulations for the financial sector such as The Digital Operational Resilience Act (DORA) which is an EU regulation that aims to strengthen the sector’s resilience to ICT-related incidents with clearly defined requirements. Part of the regulation requires organizations to engage in threat intelligence sharing, to raise the level of knowledge and awareness of cyber threats on an industry scale.
Knowledge is power
Being aware of the latest industry threats, vulnerabilities and attack patterns is a powerful way to enhance the security posture of an organization and proactively mitigate risks. To achieve this, companies should systematically collect, analyze and disseminate information about potential cybersecurity threats to help identify emerging trends and stay ahead of possible threats. This knowledge, when shared across organizations and industries, can go a long way in helping more companies be alert and prepared for potential cyber threats.
Within the financial services industry, threat intelligence is commonly only shared with direct partners and suppliers (59%) and within their organizations (48%), according to ThreatQuotient research. However, by sharing insights beyond the borders of the organization to the broader industry, security teams within all these organizations are empowered to gain a tactical advantage and actively improve their cybersecurity practices based on information collected according to real-world attack methodologies.
Growing a community of information sharing
Nevertheless, it is encouraging that 59% of Financial Services organizations are sharing threat intelligence with partners and suppliers, because considerable cyber risk resides in the supply chain – especially where smaller suppliers may lack sophisticated security solutions and in-house expertise. DORA addresses this by specifying that third-party ICT risk must be managed as an integral component of the overall ICT risk management framework. Sharing threat intelligence with the wider supplier ecosystem should be considered best practice as part of this risk management approach.
Threat actors are sharing knowledge amongst themselves to enhance their skills with Cybercrime-as-a-Service (CaaS) providing a range of sophisticated tools and malicious services to a broad range of users through online marketplaces. Organizations must follow suit and band together with the sharing of threat intelligence across large and small organizations to collectively assess vulnerabilities and implement proactive measures to defend against rising threats. This collaboration is a cornerstone of effective cybersecurity which is further enhanced by integrating cybersecurity platforms to augment collaboration efforts.
Closing the skill gap with automated threat intelligence
There is no quick fix for the widening cybersecurity skills gap, but technology can be part of the solution in helping to ease the pressure on the teams that are combating cyber risks daily. With threat intelligence, security teams have valuable, real-world intelligence that can help them to be better prepared for attacks.
Further, by automating elements of the process of threat hunting, intelligence gathering and threat profiling, security teams can work smarter and not harder, as they gain insights to prioritize threats, detect attacks earlier and develop strategies to respond faster and more effectively. This proactive approach not only strengthens the cybersecurity posture of the organization but – when intelligence is shared – also improves the posture of supply chains and the industry.
AI is the problem and the solution
While cybersecurity automation has achieved a degree of maturity in the financial sector, applying artificial intelligence to cybersecurity is still in relatively early stages across most industries. Again, the sector seems to be an early adopter, as evidenced by The Evolution of Cybersecurity Adoption report, which found that half of the financial services respondents are using AI across their cybersecurity operations, a figure that is considerably higher than other industries.
However, the widespread adoption of AI will also increase the threat landscape. Not only do technologies like ChatGPT create potential risks for organizations, but AI tools are also being used by threat actors to enhance their skills and increase their breach success rates.
Despite the risks, AI also brings with it immense potential in bolstering an organization’s defence mechanisms, detecting threats and enabling faster incident response times. For example, Gen AI can help speed up threat intelligence gathering and reporting, so security teams can focus on more complex tasks.
As cyber threats become increasingly sophisticated, it is more important than ever that the financial services industry bands together to collaborate and establish a united front against potential cyber-attacks. This includes prioritizing the adoption of cyber security automation to identify, analyze and prioritize threats in the industry to make better decisions and respond efficiently and effectively, thereby minimizing the impact of a potential attack. Ultimately shared threat intelligence enables organizations in the financial services industry to put up a united front and safeguard the valuable assets that their customers entrust them with.
Ad
Join over 500,000 cybersecurity professionals in our LinkedIn group “Information Security Community”!