Report Finds 78% of Financial Services Organizations Have Experienced a Cybersecurity Breach, Threat and Data Theft
Skyhigh Security today released the Cloud Adoption and Risk Report, Financial Services Edition, that explores how the financial services sector is navigating cloud security in an era of increased cloud adoption and opportunistic cybercriminals. The report is based on a subset of data from Skyhigh Security's The Data Dilemma: Cloud Adoption and Risk Report, which provides a comprehensive look at cloud data security challenges across industries. The new findings show that while financial services firms - including banks, insurance companies, brokerage houses and credit card companies - tend to have the highest degree of security maturity, they also face the greatest threats, making resilient and agile cybersecurity programs based on Zero Trust essential.
"The uptick in hybrid work has allowed employees to use different devices to collaborate from anywhere but has also created massive opportunity for cloud data threats. Coupled with Shadow IT and a cybersecurity talent shortage, there is a real sense of urgency for organizations across all industries to double down on their data security efforts," said Rodman Ramezanian, Global Cloud Threat Lead at Skyhigh Security. "These issues are particularly acute in the financial services realm, since cybercriminals motivated by monetary gain, or a political agenda, often target this sector. Now more than ever, financial services organizations need to be proactive and hypervigilant about their control of data and have clear ownership within their cloud security programs."
Data security challenges on the rise with increase in cloud usage
The latest Cloud Adoption and Risk Report highlights just how rapidly organizations have embraced the cloud in response to the pandemic-fueled movement toward remote work. From 2019 to 2022, the average number of public cloud services utilized by financial services organizations jumped from 20 to 31 - an increase of over 50%. And although the financial services industry stores a similar amount of sensitive data n the public cloud as other sectors (61%), it skews toward storing more confidential internal information, such as employee records and payment card information.
Spotlight on how data is being used and safeguarded
Unfortunately, data in the cloud is often vulnerable due to unsanctioned cloud app usage by remote workers. Eighty-two percent of the financial services organizations surveyed in the report claimed that Shadow IT hinders their ability to keep data secure - in part due to a lack of skilled security staff who can track their organizations' cloud computing trends. Ninety-six percent of respondents in financial services acknowledged these talent shortages as a problem compared to 92% of respondents across all industries.
However, financial service organizations demonstrated heightened awareness of strategies to monitor their data, such as cloud access security broker (CASB) solutions, for complete visibility and control of their data in the cloud - including both sanctioned and unsanctioned cloud apps. The sector also takes more precautions than other industries to reduce the risks associated with data loss by migrating users to IT-sanctioned apps, conducting regular auditing and implementing data classifications and policies to monitor and prevent data leakage.
"When we look toward the future, increasingly stringent compliance regulations for data and privacy - particularly in financial services - will add yet another layer of complexity to cybersecurity programs," added Ramezanian. "However, as our report illustrates, there is a clear path forward for firms to comply with these regulations and not lose sleep over their data practices. The core takeaway is that organizations need to have an integrated approach to data security that is based on Zero Trust principles."
The research presented in the report points to the advantages of a single-vendor data-aware Security Service Edge solution that converges multiple security services: CASB, Secure Web Gateway, Zero Trust Network Access and Cloud-Native Application Protection Platform. The findings suggest that IT decision makers look for a SSE solution with a single, centralized platform that simplifies cloud security and enables security teams to apply consistent data protection controls and policies across the web, cloud and private apps - from anywhere, any application and any device.
Skyhigh Security commissioned independent market research agency Vanson Bourne to conduct this research. This particular report is based on the results of 124 IT decision makers, IT specialists and senior business decision makers from organizations in the United States, Brazil, United Kingdom, France, Germany, India, Australia, Japan and Canada in September 2022. These organizations have 500 or more employees and represent the financial services industry. More information on the full research methodology can be found within the global report.
About Skyhigh Security
Skyhigh Security is focused on helping customers secure the world's data. It protects organizations with cloud-native security solutions that are both data-aware and simple to use. Its market-leading Security Service Edge (SSE) Portfolio goes beyond data access and focuses on data use, allowing organizations to collaborate from any device and from anywhere without sacrificing security. For more information, visit www.skyhighsecurity.com.
How AI is Changing Cyber Security
UCaaS and MSPs: Driving Collaboration, Productivity, and Customer Experience
Interesting LPWAN Solutions