Financial services
We've curated 113 cybersecurity statistics about Financial services to help you understand how evolving threats like phishing, data breaches, and advanced fraud techniques are reshaping the industry in 2025.
Showing 41-60 of 113 results
Business logic flaws: 2.9% in the financial services industry (versus 2.3% average in other industries).
Server-side injection (Web/API): 4.2% in the financial services industry (versus 5.3% average in other industries).
68% of financial services leaders highlight GenAI-related risks as a top concern.
46% of financial services leaders highlight insider threats as a top concern.
The Median Time to Remediation (MTTR) for serious findings is 61 days in the financial services industry. This ranks financial services 11th of 13 industries measured.
78% of financial services firms report fixing critical vulnerabilities in business-critical assets within 14 days, indicating they narrowly meet strict internal SLA requirements.
70% of financial services firms report that delays in scheduling pentests sometimes impact compliance or business timelines.
76% of financial services leaders highlight third-party software vulnerabilities as a top concern.
The half-life for serious findings is 147 days in the financial services industry. This metric, which accounts for unresolved vulnerabilities, places FS ninth overall out of the thirteen measured industries.
Cross-site scripting (Web/API): 5.0% in the financial services industry (versus 9.7% average in other industries).
Industries like hospitality resolve serious findings significantly faster than the financial services industry (61 days vs 20 days).
The financial services industry resolves about two-thirds (66.7%) of serious findings. This ranks the industry 10 out of the 13 industries Cobalt researched.
Nearly half of financial services organizations (49%) operate without formal AI policies.
60% of payment leaders find the current AI fraud detection tools ineffective.
91% of payment leaders express concern regarding the risks associated with AI.
The average duration business operations were affected by ransomware in financial services was 33 days.
Between 2019 and 2023, financial services experienced large losses primarily from data breaches (40.9%) and ransomware (40.9%), followed by other causes (18.2%).
Unapproved GenAI usage rates are highest in technology (40%), financial services (32%), and government (38%).
Retail fraud doubled, with the sector experiencing an average of one fraud attempt in every 127 calls in 2024. This is five times higher than financial institutions.
Banks experienced a +149% rise in synthetic voice attacks in 2024.