Thales today released the findings of its 2024 Data Threat Report for Financial Services organisations, which reveals a drop in data breaches against financial services organisations. However, ransomware response remains a challenge and GenAI's speed of adoption is raising significant security concerns:
- The proportion of FinServ organisations that have ever been breached remains high (39%), yet 10 percentage points lower than the general DTR survey figure (49% overall). Encouragingly, recent breach history (in the last 12 months) decreased by nearly half, from 29% in 2021 to 14% in 2024, in line with overall decreases.
- Planning is still poor, with only about one in four FinServ respondents saying they would follow a formal plan in the event of an attack, 5 percentage points higher than all respondents.
- Ransomware response remains a challenge:
  - Ransomware attacks against FinServ organisations continue to grow, with 18% reporting that they have experienced an attack.
  - Only 25% of FinServ respondents have a ransomware response plan despite regulations requiring them.
  - Among FinServ respondents that have resolved a past ransomware attack, 5% did so by paying a ransom, while 9% said they would pay a ransom to resolve a future attack.
- GenAI's speed of adoption and fast-moving ecosystem has emerged as a significant security concern.
  - 27% of FinServ respondent organisations plan to integrate AI into their core products and services in the next 12 months, 5 percentage points higher than overall respondents.
  - 73% of FinServ respondents cited rapid changes as a challenge to existing GenAI plans, yet 71% also report that they are in the integration or enablement phases of production deployments, beyond the experimentation or exploration phases.
- FinServ organisations continue to struggle with human error and zero-day vulnerabilities at rates higher than the overall population, while investments in MFA and meeting industry and government compliance requirements are clearly helping.
Erick Reyes, ANZ Director, Data Security for Thales said: “A mix of sensitive, high-value data and robust compliance regulations mean financial service organisations across ANZ tend to be further advanced than other sectors when it comes to security and overall cybersecurity. While compliance mandates remain one of the industry's biggest challenges, our research indicates that compliance achievements drive better security outcomes, leading to fewer breaches. As more regulations such as APRA's CPS 230 come into effect within the next year, finserv organisations must remain proactive, in control and on top of both government and industry requirements.
“What is concerning when we look at new threats coming from technologies, such as generative AI and even quantum computing, is an overall lack of preparedness. Three in four organisations globally do not yet have a formal plan in place should they fall victim to a ransomware attack. Others continue to struggle with the complexities of securing their assets in the cloud, as well as integrating security within their development and operational processes.
“In environments where critical workloads are being hosted and IT and OT is continuing to converge, cybersecurity strategies that focus on comprehensive DevSecOps programs, strong cloud security and access management are key to tackling a fast-growing and sophisticated threat landscape.”
Cloud Security and DevSecOps Remain Top Challenges
- FinServ respondents stated that, on average, 43% of their data stored in the cloud is sensitive, reaffirming that these organisations are clearly moving critical workloads to the cloud.
- The percentage of FinServ organisations using more than one hyperscaler (IaaS) rose from 54% in 2022 to 73% in 2024, and FinServ enterprises that agree or strongly agree that managing security in the cloud is more complex than managing security on-premises has increased 20 percentage points since 2022.
- Human error was the leading cause of cloud-based data breaches at 41% (10 points higher than overall). Exploitation of previously unknown vulnerabilities and failure to apply multifactor authentication (MFA) to privileged accounts were the two other major causes.
- Operational complexity remains a security concern, with 49% of FinServ respondents reporting they use five or more key management systems.
- Among respondents who cited cloud/DevSecOps security as an emerging security concern, the greatest proportion cited secrets management as a top DevOps challenge,
Meeting Compliance Requirements Clearly Helps
- Of the FinServ respondents whose organisations failed a compliance audit in the last 12 months, 80% reported having experienced some breach in their history. In contrast, for those FinServ organisations that have not failed a compliance audit, only 15% have any breach history, with just 3% having a breach in the last 12 months.
Looking Ahead at Quantum Computing
- Future compromise of classical encryption techniques that enable “harvest now, decrypt later” (HNDL) attacks is leading interest in post-quantum cryptography (72%).
- Among FinServ respondents who identified post-quantum cryptography as an emerging security threat, 30% indicated they would likely create resilience contingency plans, while 48% said they would prototype or evaluate PQC algorithms in the next 18-24 months.
About The Study
This research is based on a subset of the global Data Threat Report survey of 2,961 respondents that was fielded in November and December 2023 via a web interface and aimed at professionals in security and IT management. This subset data comprises a targeted financial services population, for a total of 108 respondents across 18 countries (including Australia and New Zealand). Most respondents (70%) were affiliated with organisations reporting annual revenue between US$100 million and US$999.9 million. This research was conducted as an observational study and makes no causal claims.