Data breach cost reaches $4.2 million for financial firms

Infoblox Inc. unveils new research into how the COVID-19 shutdowns challenged the financial services industry’s core infrastructure. More than one year into the pandemic, banks, insurers, and other financial institutions report costly consequences to falling short of protecting their massive data troves from cloud-based attacks and network disruptions. 

Based on more than 800 responses from IT professionals working in the financial services industry in North America, Latin America, Europe and the Asia/Pacific region, the survey highlights:

• Data breaches are an increasingly significant cost burden for the industry: Worldwide, financial firms that experienced a data breach reported estimated average losses of roughly $4.2 million per attack, with U.S. organizations hit hardest at $4.7 million in estimated losses.
• Network outages also result in costly burdens: Institutions lose an estimated $3.2 million on average with Asia-Pacific followed by European institutions carrying the heaviest losses at $4.3 million and $3.1 million respectively.
• The industry remains a popular target for cloud-based attacks: Over half of all organizations (54%) surveyed suffered a data breach in the last 12 months with 49% were plagued by a cloud malware attack as well.
• Cloud and network-based attacks will continue to be a major threat vector: More than 50% of respondents expect to face a combination of IoT attacks, cloud vulnerabilities including misconfigurations, and data manipulation attempts over the next 12 months.
• Threat resolution teams are embracing network visibility for security hygiene: Globally, network monitoring (76%), threat intelligence (64%), and threat hunting (57%) are considered the most effective mitigation tactics against these threats.

“The financial services sector has long been a target for bad actors who are following the cyber money trail into the cloud,” said Anthony James, VP of Product Marketing at Infoblox. “As the pandemic pushed IT infrastructures to rely on remote work, cloud-based technologies that enabled digital transformation also created soft spots for cyber criminals to exploit.”

“This report shows us that cloud compromise has become the biggest cybersecurity issue for financial institutions and the investments they are making to protect themselves,” James continued. “Notably, respondents are starting to use DNS to catch network threats before they move upstream. This is reflected in the customer uplift we’re seeing for our BloxOne Threat Defense platform, which uses DNS to extend security to cloud-first infrastructure and accelerates threat resolution by orchestrating detection and remediation tools from the existing security stack.”