A recent report on financial cybersecurity practices found that while organizations are aware of risks, they need more resources to address those risks.
A recent examination of cybersecurity in the financial services industry found that while organizations are aware of cybersecurity risks, they feel they need more resources to address those risks. Our infographic illustrates some key findings from The State of Software Security in the Financial Services Industry. These highlights show the state of financial cybersecurity and what organizations should focus on. Download the PDF version, or read on for our analysis.
Ponemon Institute surveyed 414 financial services industry organizations to determine the state of financial cybersecurity.
Organizations felt confident they could detect attacks (56%) and contain attacks (53%). But they weren’t so confident they could prevent attacks (31%).
Part of preventing attacks means testing software for vulnerabilities before releasing it. Only 34% of financial software is tested for cybersecurity vulnerabilities. Most financial organizations conduct security vulnerability assessments only after software release.
Only 25% are confident that they can detect cybersecurity vulnerabilities in their financial software and systems before going to market.
FSI organizations are increasingly delivering services with the help of third-party applications.
The Black Duck Audit Services team reviewed 1,200+ codebases in 2018, and this is what they found:
No financial services organization could run without software. But FSI organizations are still struggling to secure the software and systems they already use, and they aren’t prepared to face the flood of new technology racing their way. Clearly, financial cybersecurity is not keeping pace with technology advances, and the issue will only worsen unless the industry takes proactive steps now. Find out more in The State of Software Security in the Financial Services Industry report.