CIO Influence
CIO Influence News Security

Report Finds 78 Percent of Financial Services Organizations Have Experienced a Cybersecurity Breach, Threat and Data Theft

Report Finds 78% of Financial Services Organizations Have Experienced a Cybersecurity Breach, Threat and Data Theft

Skyhigh Security released the Cloud Adoption and Risk Report, Financial Services Edition, that explores how the financial services sector is navigating cloud security in an era of increased cloud adoption and opportunistic cybercriminals. The report is based on a subset of data from Skyhigh Security’s The Data Dilemma: Cloud Adoption and Risk Report, which provides a comprehensive look at cloud data security challenges across industries. The new findings show that while financial services firms — including banks, insurance companiesbrokerage houses and credit card companies — tend to have the highest degree of security maturity, they also face the greatest threats, making resilient and agile cybersecurity programs based on Zero Trust essential.

“The uptick in hybrid work has allowed employees to use different devices to collaborate from anywhere but has also created massive opportunity for cloud data threats. Coupled with Shadow IT and a cybersecurity talent shortage, there is a real sense of urgency for organizations across all industries to double down on their data security efforts,” said Rodman Ramezanian, Global Cloud Threat Lead at Skyhigh Security. “These issues are particularly acute in the financial services realm, since cybercriminals motivated by monetary gain, or a political agenda, often target this sector. Now more than ever, financial services organizations need to be proactive and hypervigilant about their control of data and have clear ownership within their cloud security programs.”

CIO INFLUENCE: Top Challenges for CTOs in 2023

Data security challenges on the rise with increase in cloud usage

The latest Cloud Adoption and Risk Report highlights just how rapidly organizations have embraced the cloud in response to the pandemic-fueled movement toward remote work.From 2019 to 2022, the average number of public cloud services utilized by financial services organizations jumped from 20 to 31 — an increase of over 50%. And although the financial services industry stores a similar amount of sensitive data in the public cloud as other sectors (61%), it skews toward storing more confidential internal information, such as employee records and payment card information.

Spotlight on how data is being used and safeguarded

Unfortunately, data in the cloud is often vulnerable due to unsanctioned cloud app usage by remote workers. Eighty-two percent of the financial services organizations surveyed in the report claimed that Shadow IT hinders their ability to keep data secure — in part due to a lack of skilled security staff who can track their organizations’ cloud computing trends. Ninety-six percent of respondents in financial services acknowledged these talent shortages as a problem compared to 92% of respondents across all industries.

CIO INFLUENCE: General Data Protection Regulation (GDPR) Anniversary

However, financial service organizations demonstrated heightened awareness of strategies to monitor their data, such as cloud access security broker (CASB) solutions, for complete visibility and control of their data in the cloud — including both sanctioned and unsanctioned cloud apps.The sector also takes more precautions than other industries to reduce the risks associated with data loss by migrating users to IT-sanctioned apps, conducting regular auditing and implementing data classifications and policies to monitor and prevent data leakage.

“When we look toward the future, increasingly stringent compliance regulations for data and privacy — particularly in financial services — will add yet another layer of complexity to cybersecurity programs,” added Ramezanian. “However, as our report illustrates, there is a clear path forward for firms to comply with these regulations and not lose sleep over their data practices.The core takeaway is that organizations need to have an integrated approach to data security that is based on Zero Trust principles.”

The research presented in the report points to the advantages of a single-vendor data-aware Security Service Edge solution that converges multiple security services: CASB, Secure Web GatewayZero Trust Network Access and Cloud-Native Application Protection Platform. The findings suggest that IT decision makers look for a SSE solution with a single, centralized platform that simplifies cloud security and enables security teams to apply consistent data protection controls and policies across the web, cloud and private apps — from anywhere, any application and any device.

CIO INFLUENCE: Nextira Selected by Ansys Technology Partner Program to Support Customers Implementing Ansys Gateway Powered by AWS

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

CUBE and LogicGate Partner for Comprehensive Regulatory Compliance Solution

CIO Influence News Desk

EdgeCore Digital Infrastructure Hires Tenured Chief Legal Officer with Deep Data Center Expertise

PR Newswire

InfluxData Brings Higher Performance and New Features to InfluxDB 3.0 to Power Massive Time Series Workloads at Scale

Business Wire