Despite strategic investments in cybersecurity, the financial services sector is no fortress.
Attacks are constant regardless of the amount of money and talent poured into the sector, according to “Global Perspectives on Threat Intelligence,” a report released on Monday by cyberthreat intelligence firm and Google subsidiary Mandiant.
In a survey of 1,350 security executives in 18 sectors including financial services, health care and government worldwide, 45% within financial services said they reported at least one “significant cyberattack” in their organization over the past 12 months, according to the report.
Understanding potential threats
Within the survey, 79% of security executives within financial services agree they need to better understand the threat landscape. The report found that of the 1,350 respondents:
- 96% believe it is important to understand the potential threat actors targeting them;
- 79% say most of the time they make decisions without insights into the adversary;
- 67% believe their senior leadership team underestimates the threat to their organization; and
- 47% cited their greatest challenges is applying threat intelligence across their organization.
The number of threats faced by the financial services sector are growing in complexity and scale, Luke McNamara, principal analyst at Mandiant and Google, told Bank Automation News.

“One of the things that was interesting to see is the difficulty that organizations still have with operationalizing threat intelligence, particularly getting that intelligence and finding utility value in it outside the security operations center,” he said. “That speaks to the growth of the threat intelligence sector as a whole, and meeting that need for secured organizations.”
Research group Aite-Novarica in a recent webinar listed these five trends as likely prominent in 2023:
- API security vulnerabilities;
- Use of deep-fake technology to impersonate executives;
- Inherent risk in blockchain transactions;
- Zero-trust security being tested by identity modernization; and
- Use of phishing-resistant multifactor authentication.
Prioritization is key
Understanding where threat actors are coming from is crucial, but so is setting the right types of threat alerts, McNamara said, adding that financial services organizations have dealt with “alert fatigue,” or a massive number of warnings that eventually deteriorate their individual severities in the eyes of decision makers.
While automation can be helpful for wading through various threat levels, human data analysis may be what organizations need to cut the noise and get to the heart of the problem, he said.
“Having a human in the loop analyzing that data so it’s not just completely automated, will help provide higher fidelity indicators,” McNamara said. “That should hopefully lead to fewer [alerts], where you have a higher confidence in that indicator of being malicious.
“When that detection pops off in the [security operations center], you have a higher reason to believe that this is actually something serious and not just another alert.”
Bank Automation Summit US 2023, March 2-3 in Charlotte, is a crucial event on automation technology in banking. Wells Fargo Chief Technology Officer Steve Hagerman will speak at the event. Learn more and register for Bank Automation Summit US 2023.






