Nowadays, talking about cybersecurity in the financial sector means talking directly about trust. It is no longer just a question of protecting systems or infrastructure, but of ensuring something much more delicate: the relationship of trust with the customer and the continuity of the business itself. Ultimately, banks and insurance companies manage extremely valuable assets — personal data, credentials and money — and this makes them a particularly attractive target for cybercrime.
In fact, in the United Kingdom, the financial sector is consistently among the most attacked: according to data from the Financial Conduct Authority, more than 20% of cyberattacks targeting businesses are aimed at financial organisations or those related to payment services. This data reflects the extent to which attackers prioritise this area because of its potential for direct monetisation.
In addition, the strong digitisation of banking and insurance services has considerably increased the area of exposure. Today, any security breach or service interruption has an immediate impact not only on operations, but also on reputation and regulatory compliance.
What are its particular characteristics compared to other sectors?
The financial sector is in a league of its own when it comes to cybersecurity. It has several characteristics that make the level of demand clearly higher than in other industries. The first is the regulatory framework. We operate in one of the most closely monitored environments in the market, with regulations such as DORA, PSD2 and the EBA guidelines that require entities not only to be protected, but also to demonstrate real operational resilience and very strict control over their third parties.
Added to this is a key factor: in finance, attacks are monetised almost instantly. While in other sectors the impact may be limited to operations or reputation, here cybercriminals go straight for the money. This makes campaigns much more targeted, persistent and sophisticated.
And there is another equally important element: the financial ecosystem is hyperconnected. Collaboration with fintechs, technology providers and open banking models has multiplied the possible entry points. In practice, this forces organisations to look beyond their traditional perimeter and manage cybersecurity with a much broader and more cross-cutting view of risk.
What are the main aspects of cybersecurity in this field?
To put it simply, cybersecurity in the financial sector today is based on several very clear pillars. The first, without a doubt, is the protection of identities and access. Identity has become the new perimeter, which is why we are seeing increasing adoption of Zero Trust models, IAM solutions and PAM controls. The objective is simple to understand: to ensure that only those who should have access do so, and with the right privileges, whether we are talking about employees or customers.
Another critical front is the protection of financial data. This is where capabilities such as encryption, information classification and data leak prevention (DLP) solutions come into play. Ultimately, we are talking about protecting one of the most sensitive assets of any entity: the financial and personal information of its customers.
Advanced detection and response has also gained a lot of importance. 24/7 SOCs, XDR platforms and threat intelligence make it possible to detect suspicious behaviour much earlier than a few years ago. Because today, the challenge is not only to prevent attacks—we know that’s impossible 100% of the time—but to detect them quickly and respond even faster.
And finally, operational resilience has come to the forefront, especially with the arrival of DORA. Here we are talking about business continuity, real incident recovery capability, regular resilience testing and much stricter control of third-party risk.
What are the main threats?
The threat landscape in the financial sector is becoming increasingly sophisticated… and also more professional. Targeted ransomware remains high on the list of concerns, particularly because of its direct impact on service continuity and the evolution towards double and even triple extortion models that we have been seeing in recent years.
At the same time, advanced phishing and identity fraud continue to grow. Attackers are refining their social engineering techniques, making them increasingly credible and difficult to detect. Closely linked to this, account compromise—especially in digital banking—has become one of the most common vectors.
Also of concern is the increase in attacks on the supply chain, exploiting dependence on third-party technology, and attempts to exploit APIs in open banking environments. And, as if that were not enough, attackers are already incorporating artificial intelligence into their operations, including the use of deepfakes for financial fraud.
What are the future trends in cybersecurity in finance?
Looking ahead to the coming years, everything points to much smarter, more automated and identity-focused cybersecurity. Artificial intelligence will be one of the major drivers of change, especially in predictive threat detection, automated response and real-time fraud prevention.
The Zero Trust model will continue to gain ground as the benchmark architecture, with access increasingly based on context and continuous verification. At the same time, regulatory pressure is not going to ease. DORA, for example, is acting as a real catalyst for strengthening operational resilience and third-party risk control across the sector.
We will also see a growing focus on protecting the extended digital ecosystem — cloud, APIs, fintechs — where each new integration opens up a potential surface area of exposure.
And, looking a little further into the medium and long term, concern about post-quantum threats is beginning to take hold. Although large-scale quantum computing is not yet an immediate reality, many financial institutions are already assessing the impact it could have on current cryptographic systems and beginning to plan their transition to post-quantum cryptography.
In this scenario, organisations that integrate cybersecurity as a central part of their digital strategy—and not just as a defensive layer—will be the ones best positioned for the future. Because in the financial world, now more than ever, security is trust.
