Financial services
We've curated 174 cybersecurity statistics about Financial services to help you understand how evolving threats like phishing, data breaches, and advanced fraud techniques are reshaping the industry in 2025.
Showing 101-120 of 174 results
46% of financial services leaders highlight insider threats as a top concern.
Server-side injection (Web/API): 4.2% in the financial services industry (versus 5.3% average in other industries).
Business logic flaws: 2.9% in the financial services industry (versus 2.3% average in other industries).
The Median Time to Remediation (MTTR) for serious findings is 61 days in the financial services industry. This ranks financial services 11th of 13 industries measured.
68% of financial services leaders highlight GenAI-related risks as a top concern.
76% of financial services leaders highlight third-party software vulnerabilities as a top concern.
Cross-site scripting (Web/API): 5.0% in the financial services industry (versus 9.7% average in other industries).
Server security misconfigurations: 34.9% in the financial services industry (versus 27.9% average in other industries).
The half-life for serious findings is 147 days in the financial services industry. This metric, which accounts for unresolved vulnerabilities, places FS ninth overall out of the thirteen measured industries.
Components with known vulnerabilities: 6.1% in the financial services industry (versus 5.5% average in other industries).
70% of financial services firms report that delays in scheduling pentests sometimes impact compliance or business timelines.
78% of financial services firms report fixing critical vulnerabilities in business-critical assets within 14 days, indicating they narrowly meet strict internal SLA requirements.
The financial services industry resolves about two-thirds (66.7%) of serious findings. This ranks the industry 10 out of the 13 industries Cobalt researched.
91% of payment leaders express concern regarding the risks associated with AI.
60% of payment leaders find the current AI fraud detection tools ineffective.
Nearly half of financial services organizations (49%) operate without formal AI policies.
The average duration business operations were affected by ransomware in financial services was 33 days.
Between 2019 and 2023, financial services experienced large losses primarily from data breaches (40.9%) and ransomware (40.9%), followed by other causes (18.2%).
Unapproved GenAI usage rates are highest in technology (40%), financial services (32%), and government (38%).
Banks experienced a +149% rise in synthetic voice attacks in 2024.