Skip to content


Money at Risk: Finance & Data Security in the Digital Age

Across industries, providing customers with superior experience is essential for success. However, the financial services industry faces unique challenges relative to customer expectations. Chief among these is the unarguable fact that financial services organizations are consistently a top target for cyber threat actors, a reality that exists in tension with the #1 criterion customers use to evaluate financial institutions: security1.

The Facts: Financial Services Industry and Cyber Threats

Year after year, cybersecurity research reveals the ugly facts. In 2020, the financial services industry was the #1 most targeted industry for cyberattacks2. Ransomware attacks plagued the industry in 2021, with 74% of financial services institutions reporting attacks3. Statistics from 2022 show a continued trend of persistent targeting, as the financial services industry ranked #2 for number of data breaches across all industries4.

Recent research focusing on threat activity in 2022 revealed that distributed-denial-of-service (DDoS) attacks have become the biggest threat to financial services businesses. From 2021 to 2022, DDoS attacks on financial services companies rose 22% year-over-year, making the industry the most frequently targeted for this type of attack5,6. Because DDoS attacks disable the targeted company’s IT systems, hackers often use these attacks to extort financial services firms.

The Challenge: Meeting Financial Customers’ Conflicting Demands

What cyber threat actors know about financial services firms is that system downtime sends a clear warning signal to customers. Getting a sense that their bank, lender, or investment firm has weak security can drive customers to close their accounts and switch to a competitor. This pressure can and does influence financial services companies to pay the cybercriminals to regain system functionality. Given that customers rank security as their top criterion for evaluating a financial services institution, it is understandable that financial services firms might go to these lengths.

Compounding the pressure on financial services companies is that some of their customers’ service expectations introduce security risks of their own. Customers increasingly demand access to their financial information through online and mobile platforms, with 61% of customers currently using some form of online banking each week7. Offering remote account access enhances customer experience, but at the same time increases the attack surface for threat actors. In other words, it gives hackers a higher number of possible points of entry into the customer’s account and the institution’s network.

Keeping up with customer expectations in the digital age can create conflicting demands on financial services institutions. Customers demand a high level of security from their financial institutions, and they also want mobile and online access for the best user experience possible. Meeting the demands of today’s financial customer requires a rock-solid cybersecurity program, discussed in the next section.

The Solution: A Cybersecurity Posture That Earns Digital Trust

Digital trust is earned by businesses that demonstrate a commitment to keeping customers’ data both private and secure. Key elements of a solid security program include:

  • Identity & Access Management (IAM): IAM allows a financial institution to carefully guard remote access to its network and data. Because IAM includes explicit verification of users along with least-privilege access, it adheres to principles of zero trust security. Using measures such as multi-factor authentication (MFA) supports identity verification for both customers and internal stakeholders such as employees. Furthermore, controlling which parties (e.g., employees at different levels of authority or in different departments) can access what portions of the network also creates safeguards that protect against internal and external malfeasance.
  • Security Information & Event Monitoring (SIEM): SIEM provides financial institutions with superior network protection because it uses artificial intelligence (AI) to analyze event log activity across an entire network in real time. When aberrant or suspicious behavior is detected within the financial firm’s network, SIEM tools immediately generate alerts. For example, one of the most frequent attack vectors in the financial services industry is web application attacks, which might go unnoticed by employees until the point at which severe damage is done8. But with SIEM’s early detection of aberrant activity, the financial institution is empowered to take control of the incident in progress and initiate response protocols as appropriate to contain the damage.
  • Encryption: Another important component of a strong cybersecurity program for financial institutions is encryption. Customer data should be encrypted when it is stored, transmitted, or received, as this helps to protect data from unauthorized access.
  • Security Awareness Training: Employee error is an ever-present concern across all industries, making regular security awareness training a must-have. Threat actors use constantly evolving tricks and tactics to gain unauthorized access to financial institution networks and customer accounts. Employees who participate in security awareness training learn about subjects like safe device and password practices, how to spot phishing and other social engineering attacks, and how to report potential threats for investigation.
  • Incident Response Planning: In today’s world, businesses recognize that it’s not a matter of “if” a cyber incident occurs; it’s a matter of when. And when it happens, a ready-to-implement plan will be of the utmost importance. The plan needs to lay out the steps to take and in what order, such as powering down equipment, preserving evidence, and calling the authorities. There should be a clear plan for notifying any parties affected by the incident, including customers. The plan should also include provisions for notifying credit bureaus and customers if sensitive information like social security numbers is breached. Importantly, the most important security feature, endorsed by 56% of financial services customers as “extremely valuable,” was notification regarding social security number breach9.
  • Compliance Assessment: Financial institutions may be subject to any number of security regulations, such as FINRA, SEC, or GDPR, to name a few. A security compliance assessment helps financial organizations to identify where they are out of compliance with applicable standards. With this understanding, recommendations can be made regarding cybersecurity policies, practices, and solutions to implement to cement compliance with applicable standards.

NexusTek is experienced in FINRA, SEC, GDPR, CMMC, and NIST compliance standards, and offers an expansive collection of cybersecurity assessments and solutions to support financial institutions to build digital trust with customers.

Need to ensure that your cybersecurity defense is strong enough? Our cybersecurity experts can help.


  1. Business Wire. (2021, June 22). Privacy and security are top concerns for digital banking consumers.
  2. Contreras, W. (n.d.). Cyberattacks on financial institutions: Data breaches in 2020. Motiva.
  3. Tett, G. (2023, February 16). The financial system is alarmingly vulnerable to cyber attack. Financial Times.
  4. (2022, December 20). Flashpoint year in review: 2022 financial threat landscape. Bloomberg.,for%20ransomware%20activity%20in%202022
  5. Martin, A. (2023, January 31). Denial-of-service attacks rise, raising concerns for banks.
  6. Herzberg, B. (2023). The biggest cyber threats for the financial industry in 2023. Cyber Defense Magazine.,attacks%20has%20been%20constantly%20growing
  7. Bennett, R. (2023, March 13). Digital banking trends in 2023. Bankrate.
  8. Sanna, N. (2023, March 7). How does your industry compare when it comes to the financial loss exposure of cyber threats? World Economic Forum.
  9. Paige, W. (2022, December 1). Banks in the US aren’t listening to consumers’ data security fears. Insider Intelligence.

IMPORTANT INFO About Global CrowdStrike Outage