The recent report from SecurityScorecard reveals alarming cybersecurity trends among financial institutions in the European Union (EU). According to the report, 78% of financial institutions suffered a data breach in the past year, indicating a high level of vulnerability in the sector.
Additionally, a staggering 84% of these institutions were exposed to a fourth-party breach, highlighting the risks associated with the broader ecosystem of third- and fourth-party vendors. The report suggests that there is a lack of consensus among businesses on how to measure and track fourth-party risks.
The study also found that supply chain attacks, where threat actors exploit vulnerabilities in third- and fourth-party vendors, are becoming more popular among hackers. Only 3% of the third-party vendors analyzed in the report suffered a breach, indicating that cybercriminals are targeting supply chain weaknesses to infiltrate financial institutions.
Furthermore, the report identified that 18% of the financial entities assessed had a poor cybersecurity rating (C or lower), making them four to seven times more likely to experience a data breach compared to those with the highest ratings. The researchers listed several factors that businesses should pay attention to in order to predict a data breach, including endpoint security, patching cadence, ransomware score, DNS health, IP reputation, cubit score, and network security.
The findings of this report raise concerns about the overall cyber resilience of financial entities in the EU and highlight the need for improved cybersecurity measures to protect sensitive financial data.
