According to the IBM Cost of a Data Breach Report 2023, the global average cost of a data breach in 2023 was $4.45 million, 15% more than in 2020. In response, 51% of organizations plan to increase cybersecurity spending this year.

For the financial industry, however, global statistics don’t tell the whole story. Finance firms lose approximately $5.9 million per data breach, 28% higher than the global average. In addition, evolving regulatory concerns play a role in how financial companies respond to cyberattacks and where they’re investing to reduce total risk.

By the numbers: The true cost of a data breach for financial companies

When it comes to calculating the true cost of a data breach for financial firms, monetary loss is just the beginning.

Consider common threat vectors. While 48% of financial attacks start with malicious actors, human error accounts for 33%. Phishing and compromised credentials take the top spots for initial attack vectors at 16% and 15%, respectively. If attackers are successful, they often have access to millions of transaction and client records — the average cost for breaches of 50 million records or more now tops $300 million.

It’s not all bad news, however. In terms of detecting and containing data breaches, finance organizations are ahead of the curve. Globally, companies take 204 days to identify and 73 days to contain a breach. In the financial industry, breaches are identified in 177 days and contained in 56 days on average.

Where are financial firms investing in cybersecurity?

More than half of organizations will increase their cybersecurity investments this year.

For financial firms, top areas of investment include security AI, automation and incident response (IR). In 2023, 39% of financial organizations reported “extensive use” of security AI and automation, which led to $850,000 in savings compared to the global average cost of a breach. When it comes to IR teams and testing, meanwhile, firms with robust incident response frameworks saved an average of $2 million.

Read the full report

How can the financial industry defend critical data?

The financial industry faces unique challenges when it comes to effective data protection. One of the most prevalent is the need to identify and incorporate global regulations into everyday banking practices. This could include client data privacy obligations under legislation such as CCPA in California and GDPR in Europe, along with fraud reduction efforts governed by FINRA and FinTECH. In addition, new regulations, such as the EU’s Digital Finance Strategy, are emerging to govern growing cryptocurrency markets.

It’s also worth noting that financial firms face steep fines for failing to meet regulatory requirements. Consider that in 2022, the U.S. Securities and Exchange Commission (SEC) fined more than a dozen banks almost $2 billion for cybersecurity shortcomings.

To help combat emerging threats and ensure compliance with evolving legislation, finance firms can benefit from a multi-pronged approach that includes the following elements.

DevSecOps integration

A DevSecOps approach to security makes it possible for firms to integrate protection at application, tool and platform levels for increased control. Here, success depends on both comprehensive integration and regular testing.

Robust data discovery

82% of data breaches include data in cloud environments. By implementing robust data discovery tools, financial organizations can identify where they’re at risk — and what they can do about it.

Security AI and automation deployment

AI and automation can reduce IT staff workloads and streamline data-intensive processes. Deploying AI tools can also lower total security costs and deliver faster data breach identification.

Attacker perspective adoption

Knowledge is power — and knowing what attackers will do before they do it offers a decisive advantage for financial organizations. By using attack surface management tools and adversary simulation techniques, companies can better understand the attack perspective to pinpoint likely avenues of compromise.

When it comes to financial industry cybersecurity, it’s not just about the up-front costs of a data breach. Instead, it’s about creating reliable and repeatable processes capable of addressing current threats, incorporating new regulatory expectations and laying the groundwork for ongoing defense.

Get the full IBM Cost of a Data Breach Report 2023 here.

More from Banking & Finance

Gozi strikes again, targeting banks, cryptocurrency and more

3 min read - In the world of cybercrime, malware plays a prominent role. One such malware, Gozi, emerged in 2006 as Gozi CRM, also known as CRM or Papras. Initially offered as a crime-as-a-service (CaaS) platform called 76Service, Gozi quickly gained notoriety for its advanced capabilities. Over time, Gozi underwent a significant transformation and became associated with other malware strains, such as Ursnif (Snifula) and Vawtrak/Neverquest. Now, in a recent campaign, Gozi has set its sights on banks, financial services and cryptocurrency platforms,…

The rise of malicious Chrome extensions targeting Latin America

9 min read - This post was made possible through the research contributions provided by Amir Gendler and Michael  Gal. In its latest research, IBM Security Lab has observed a noticeable increase in campaigns related to malicious Chrome extensions, targeting  Latin America with a focus on financial institutions, booking sites, and instant messaging. This trend is particularly concerning considering Chrome is one of the most widely used web browsers globally, with a market share of over 80% using the Chromium engine. As such, malicious…

BlotchyQuasar: X-Force Hive0129 targeting financial institutions in LATAM with a custom banking trojan

16 min read - In late April through May 2023, IBM Security X-Force found several phishing emails leading to packed executable files delivering malware we have named BlotchyQuasar, likely developed by a group X-Force tracks as Hive0129. BlotchyQuasar is hardcoded to collect credentials from multiple Latin American-based banking applications and websites used within public and private environments. Similar operations conducted in late 2022 have also been noted delivering an earlier variant of this modified QuasarRAT by likely Spanish-speaking actors. BlotchyQuasar, which X-Force describes as…

How fraudsters redefine mobile banking account takeovers

3 min read - Fraudsters are constantly finding new ways to exploit vulnerabilities in the banking system, and one of the latest tactics involves stealing credit card information via mobile banking apps. This type of attack has been seen in different variations in Spain and North America and was reported for the first time at the beginning of 2023. As fraudsters use stolen credentials to commit e-commerce fraud, here's what banks and customers must keep in mind to stay safe. The modus operandi Step 1:…