Bridewell research reveals 59% of finance cyber leaders hit by ransomware attack

Escalating ransomware and phishing threats demand reinforced cyber defences for financial services.

  • Wednesday, 31st July 2024 Posted 4 months ago in by Phil Alsop

Almost six in ten (59%) businesses in the financial services sector have admitted to being on the receiving end of a ransomware attack in the past 12 months.

This is according to the latest research by Bridewell, which has surveyed 521 staff responsible for cyber security at UK CNI organisations encompassing civil aviation, energy, transport, finance and central government.

The dual attack threat

Ransomware attacks have significant implications for the financial services industry. Organisations that fail to deal effectively with these threats risk their reputation and falling foul of strict compliance rules. 46% of respondents cited losses from legal fines and reputational damage as the primary consequences of a breach.

In addition to the growing ransomware threat, phishing attacks are also widespread, averaging 13 incidents per year. The dual threat is putting immense pressure on the industry to enhance its cyber defences and response strategies.

Delayed response

Given these significant consequences, the sector is struggling to react quickly to cyber incidents and mitigate the damage they cause. While financial businesses take 6.62 hours on average to respond to ransomware attacks, phishing, nation-state backed attacks and malware require more than 10 hours, while supply chain attacks and data theft misuse require more than 13 hours. The nation-state threat continues to escalate as Russian, Chinese, Iranian and North Korean-affiliated threat actors escalate their efforts, particularly in the wake of the Russia-Ukraine and Israel-Palestine conflicts.

Future-proofing finance

Despite these concerns, finance organisations are actively enhancing their cyber security measures. Almost all financial organisations (95%) are leveraging AI-driven tools, including chatbots, phishing detection and data loss prevention. Furthermore, nearly half of respondents (49%) expect to spend more on IT security than last year.

“The financial sector is subject to strict rules and regulations, with non-compliance detrimental financially and reputationally, making it a vulnerable industry. But ransomware and phishing attacks are having a detrimental impact, and lengthy response times are only adding to the damage caused. With nation-state attacks also posing a significant threat, the sector must fortify its cyber defences with incident response and reporting, defined risk management practices, regular audits and training programmes to futureproof its operations. It’s promising that the sector is already adopting AI-driven solutions and planning to invest more in cyber security in order to do so,” says Anthony Young, Chief Executive Officer of Bridewell. 

Beacon, NY, Dec 20, 2024– DocuWare unveils its AI-powered Intelligent Document Processing (DocuWare IDP), bringing about unprecedented improvements...
85% of IT decision makers surveyed reported progress in their companies’ 2024 AI strategy, with 47% saying they have already achieved positive ROI.

MSPs will invest in more AI security forecasting

Posted 6 days ago by Phil Alsop
Predictive maintenance and forecasting for security and failures will be a growing area for MSPs with an interest in security, says Nicole Reineke,...

Machine identities next big target for cyberattacks

Posted 1 week ago by Phil Alsop
Venafi has published the findings of its latest research report: The Impact of Machine Identities on the State of Cloud Native Security in 2024....
Nearly 50% of organisations have experienced a security breach in the last two years.

IT professionals recognise lack of gender diversity

Posted 1 week ago by Phil Alsop
The majority (87 percent) of IT professionals agree that there is a lack of gender diversity in the sector, yet less than half (41 percent) of...

A moving landscape for MSPs

Posted 1 week ago by Phil Alsop
2025 predictions from Ranjan Singh, chief product officer at Kaseya.

Data breach epidemic takes its toll

Posted 1 week ago by Phil Alsop
New study by Splunk shows that a significant number of UK CISOs are stressed, tired, and aren’t getting adequate time to relax.