Automation among top security objectives for financial institutions 

Nearly 50% of organisations have experienced a security breach in the last two years.

  • Monday, 16th December 2024 Posted 3 months ago in by Phil Alsop

SailPoint Technologies has unveiled the 2024 State of Identity Security in Financial Services, a comprehensive report highlighting the top identity security challenges financial services companies face when governing identities, meeting security requirements, and ensuring compliance. The report revealed the top identity objectives for financial service providers, including improving identity governance controls, replacing manual processes with automation, and expanding identity programmes to manage third-party non-employees.  

Findings indicate that nearly 80% of organisations are concerned about vulnerabilities resulting from overprovisioning third-party identities or non-employees, which increases the risk of cyberattacks. Additionally, a rapid influx of identities that often come with mergers and acquisitions (M&As), increases risk according to 77% of respondents. Companies that have acquired other companies may lack visibility into the additional identities’ access, which can lead to over-provisioning, access delays, and other identity challenges during offboarding and transfers. 

Compliance is another shared frustration among financial service organisations, with 93% finding it difficult to remain compliant. Respondents’ most common pain points include a lack of resources, cumbersome manual processes, and large time commitments. As a result of these struggles, 64% received an identity-related audit citation over the last two years. Reducing cyber and compliance risks are among the most important factors when considering an identity security solution.  

Moreover, numerous findings within the report indicate many identity security tools require too many manual processes (53%) and lack automation (49%). These issues are directly related and result in slow and error-prone processes, compliance issues, and increased risk, especially during large-scale identity increases from M&As. These tools do not provide analytics to help reveal risks—such as overprovisioning, a lack of separation of duties, excessive third-party access, and anomalous access—placing the burden on identity security teams who are already buried in manual processes. 

Steve Bradford, Senior Vice President EMEA at SailPoint, said:  

“The vast amount of sensitive, personal data makes financial services a treasure trove for cyber criminals. This cyber risk is growing more complex as institutions transform and identity data grows in volume, variety and velocity. Whether through mergers and acquisitions or an influx of machine and third-party identities, firms must carefully manage which identities have access to what, when and for how long. Vast amounts of sensitive data open firms up to data breaches, so it’s crucial that organisations take necessary steps to govern and protect against threats targeting themselves and the wider supply chain.   

  

“As the EU’s Digital Operational Resilience Act (DORA) comes into effect next month, firms need to have well-defined policies for managing cyber risk – particularly those related to legacy technology, unauthorised access, insider threats and AI generated content. With the average cost of a breach being over $6 million, our findings highlight a critical need for a modern, automated approach to identity security. Unifying vast amounts of identity data within a singular, centralised platform enables better visibility and management. This context is critical to help organisations detect and address suspicious behaviour, and manage any threats before a breach occurs.”   

Failure to prioritise testing and integrate generative AI tools raises concerns as agentic AI adds pressure.

CIOs 'overspend' on cloud

Posted 5 days ago by Phil Alsop
43% of CIOs say their CEOs and/or board of directors have concerns about their company’s cloud spend.
Research revealed at Coterie Connect event highlights shifting team structures, evolving skills priorities, and urgent training needed for partner...
Endava has launched its latest research report “AI and the Digital Shift: Reinventing the Business Landscape”.

3,000% surge in enterprise use of AI/ML tools

Posted 1 week ago by Phil Alsop
Zscaler has released the ThreatLabz 2025 AI Security Report, based on insights from more than 536 billion AI transactions processed between February...
Over one in four (28%) British small business owners have used AI tools to help run their business.

Tech fragmentation cited as biggest cyber challenge

Posted 1 week ago by Phil Alsop
New Palo Alto Networks data shows 82% of UK organisations confident in their use of AI, despite AI being identified as biggest cyber risk for 2025.
MIT researchers crafted a new approach that could allow anyone to run operations on encrypted data without decrypting it first.