4 ways financial services leaders can stay ahead of the cybersecurity risk curve


As financial institutions migrate to modern infrastructure and cloud services, bad actors have extended their skills and capabilities to achieve their missions. This is compounded by the fact that financial and payment vehicles continue to go virtual. Even the slightest breach can result in fines and reputational harm. 

Many financial institutions are successfully taking a risk-based approach to cybersecurity, according to our recent co-sponsored study with ThoughtLab. Cybersecurity Solutions for a Riskier World reports that 91% of financial services companies are either “mid-implementation” or “advanced” in maturity against the National Institute of Standards and Technology (NIST) framework. 

While this is undoubtedly a positive sign for the industry, many steps still need to be taken to ensure protection in an emerging risk landscape. Below are four takeaways from the study that financial services leaders can bring to their firms to help bolster their security programs.

[Related article: 6 cybersecurity must-haves for innovative public sector leaders]

1) Go beyond detection to continuous monitoring

Financial institutions are generally proficient when it comes to threat detection — 65% of financial services survey respondents believe their processes are managed or optimized. The results show this to be true: the average number of incidents grew by less than 0.5 units from 2020 to 2021, and material breaches shrank during that time frame for the industry. This is a positive sign, given that most verticals experienced drastic increases year-over-year. 

While these are certainly good metrics, the absolute risk comes down to future preparedness. Financial services firms have the opportunity to go from reactive to proactive detection and make a shift to continuous monitoring. This is particularly important for wealth and asset management firms, with only 28% feeling they are prepared. 

In addition to upgrading processes, it’s essential to consider new vendor solutions that can help with continuous monitoring and anomaly detection. Organizations can work with vendors to gain visibility across the enterprise, gather data of any kind (cloud, user, network, etc.), and thwart complex attacks with machine learning and behavior analytics. This can help promote more robust data security, which only 46% of financial institutions currently cite as managed or optimized.

[Related article: How top globals CISOs protect their organizations amid rising threats]

2) Create a tech stack for the future

While email security was cited as the most significant past investment (61%) and the most effective cybersecurity initiative for financial services companies, leaders are thinking more holistically about technology. 

Security information and event management (SIEM) and identity and access management (IAM) are two of the most significant areas financial services firms are planning to invest in. According to the study, 45% of financial services respondents are looking to replace or augment their SIEM strategy — an important step to deliver faster threat detection through continuous monitoring and greater use of advanced analytics. 

[Related article: Why almost half of organizations want to replace their SIEM]

Financial services firms are also looking to consolidate their current tools and infrastructure, with 32% of respondents planning to accelerate these initiatives. In fact, 43% of life insurance and annuities companies plan to accelerate tool consolidation, the highest rate across all verticals. This consolidation could help create greater visibility across organizations with the ability to monitor systems and data in one place.

As financial services firms shift workloads to the cloud, new risks emerge. In the study, 23% of financial service professionals stated that their organization’s increased use of the cloud has exposed the firm to new cyber risks. Adopting cloud-native technology can help enable firms to better survey their hybrid and multi-cloud ecosystems.

3) Invest in talent to recruit, upskill, and retain specialists

The global shortage of skilled cybersecurity professionals is one of the biggest risk challenges organizations continue to face, cited by about a quarter of respondents. “In the face of increased digitization and a rising tide of attacks, the global cybersecurity workforce of 4.2 million people needs to grow 65% to keep up with demand,” said Mandy Andress, CISO at Elastic. 

Despite this labor shortage, the study validates that having the right level and quality of talent and skills can be quantified through risk benefits, including breach reduction and improved time to detect.

How can financial services institutions get to a place where they have secured high-quality security talent and created a robust retention strategy? They can start by establishing a hiring process and company culture that prioritizes investing in their people. 

While financial services companies tend to put greater resources into hiring top talent than other industries, 62% of respondents cite that they have not recruited security specialists. These specialists do not have to be full-time, on-site employees to be effective. For example, 47% of financial services respondents cite that their organization outsources their security operations center. 

4) Make cybersecurity a team effort in the C-Suite

In financial services, 52% of CISOs have expanded their data privacy and compliance responsibilities over the past two years. They have also been keenly focused on reducing customer and insider fraud (40%) and growing their role in vendor, third-party, and supply chain management (36%). The growth of these responsibilities has reflected a broader trend in the industry as CISOs play a more significant role across enterprise risk management. 

As the role of the financial services CISO expands, it’s increasingly essential that firms’ other C-Suite executives also play a part in creating a security-first culture that helps mitigate risks and meet the expectations of stakeholders and customers.

This culture shift is already well on its way. According to the survey, CEOs, CIOs, COOs, and even Chief Legal Officers report being more involved in security-related decisions and responsibilities.

Download the full report 

We’ve covered several key takeaways from the cybersecurity benchmark study, but we encourage you to download the full report, Cybersecurity solutions for a risker world, and share with your team. We hope this robust cybersecurity analysis will make an important contribution to the world of finance, helping banking, payments, and capital markets optimize their cybersecurity resources to succeed in today’s new era of risk.

To learn more about how to improve security analytics and cyber threat detection, download our white paper, Elastic Security: Guide to high-volume data sources for SIEM.

  • We're hiring

    Work for a global, distributed team where finding someone like you is just a Zoom meeting away. Flexible work with impact? Development opportunities from the start?