The World Economic Forum’s Global Cybersecurity Outlook 2025 Insight Report reveals a concerning forecast for technology security teams globally. The financial sector emerges as particularly vulnerable, as evidenced by a Statista report that estimates the average cost of a data breach in this domain at approximately $6.08 million in 2024, significantly outweighing the overall industry average of $4.88 million. This stark reality underscores the necessity for financial institutions to elevate their cybersecurity defenses and actively reduce their exposure to cyber threats. One recommended approach is the automation of cybersecurity processes, allowing Security Operations Center (SOC) teams to concentrate on more strategic initiatives.
Recent findings from Threat Quotient’s research on The Evolution of Cybersecurity Automation Adoption indicate that financial services organizations generally demonstrate greater maturity in adopting cybersecurity automation compared to other sectors. The data suggests that many of these institutions have moved beyond the disillusionment phase that often accompanies new technology adoption. Notably, the report highlights a rise in the recognition of the importance of cybersecurity automation, from 69% to 87%, with a primary focus on incident response, phishing analysis, and threat hunting.
Nonetheless, with the increasing complexity of cyber threats, firms within the financial sector must enhance their preparedness against attacks. Governments are responding by enforcing stricter regulations, such as the Digital Operational Resilience Act (DORA) in the EU, which mandates defined protocols for managing ICT-related incidents. Among its requirements, organizations are urged to engage in sharing threat intelligence to boost awareness of the cybersecurity landscape at an industry level.
Understanding the current threat landscape is crucial for organizations aiming to bolster their security measures and preemptively mitigate risks. Companies should systematically gather, analyze, and share information regarding cybersecurity threats to identify emerging trends. This collective knowledge, when broadly disseminated across organizations, can significantly improve alertness and readiness against potential cyber threats.
Despite the value of sharing threat intelligence, Threat Quotient’s research shows that within the financial services sector, information is typically shared only with direct partners and suppliers (59%) and internally (48%). Expanding this sharing beyond organizational boundaries allows security teams to leverage real-world attack data, enhancing their capabilities to strengthen cybersecurity practices.
Encouragingly, a significant percentage (59%) of financial services organizations are currently sharing threat intelligence with partners and suppliers, addressing the inherent cyber risks associated with the supply chain, especially as smaller suppliers may lack robust security measures. DORA highlights the necessity of managing third-party ICT risks cohesively within an organization’s overall risk management framework. This extensive sharing of threat intelligence should be seen as a fundamental best practice in mitigating risks across the supply chain.
Simultaneously, threat actors are increasingly collaborating and sharing knowledge within their own networks, with Cybercrime-as-a-Service (CaaS) offerings providing sophisticated tools to a wider audience. In response, organizations must unify their efforts by sharing threat intelligence across both large and small entities to collaboratively assess vulnerabilities and implement proactive defense strategies. Such collaboration forms a crucial element of effective cybersecurity, further enhanced through the integration of cybersecurity platforms designed to boost collaborative efforts.
While addressing the widening skills gap in cybersecurity remains challenging, technology can offer valuable assistance in alleviating pressure on teams facing regular cyber threats. By leveraging threat intelligence, security teams are empowered with actionable, real-world insights, allowing for improved attack preparedness. Automating critical elements of threat hunting and intelligence gathering enables teams to operate more efficiently, prioritizing high-risk threats and developing quicker, more effective responses. This proactive stance not only solidifies an organization’s cybersecurity posture but also strengthens the collective defenses of supply chains and the broader industry.
Artificial intelligence (AI) presents both challenges and opportunities in the domain of cybersecurity. While the financial sector has made strides in adopting automation, the application of AI within cybersecurity operations remains in its early stages across numerous industries. The Evolution of Cybersecurity Adoption report indicates that half of the financial services participants utilize AI, a figure significantly higher than in other industries. However, the increased use of AI technologies raises concerns, as they can bolster the capabilities of threat actors while simultaneously offering immense potential for enhancing organizational defenses. For instance, generative AI can streamline threat intelligence processes, permitting security teams to concentrate on more complex and critical tasks.
As cyber threats evolve in sophistication, it is imperative for the financial services sector to forge partnerships and establish a collaborative stance against potential attacks. Emphasizing the adoption of cybersecurity automation will help organizations identify, analyze, and prioritize threats, enhancing decision-making processes and facilitating prompt responses while mitigating the potential impact of attacks. Ultimately, shared threat intelligence cultivates unity within the financial services industry, equipping organizations to safeguard the critical assets entrusted to them by their customers.
