4 out of 5 Financial Services Businesses Receive Grade of “B” or Better in Cybersecurity Ratings, Outperforming Non-Finance Organizations
SecurityScorecard, the global leader in cybersecurity ratings, released new research findings into the cybersecurity postures of the 2021 Forbes Global 2000. Using SecurityScorecard’s exclusive 10-factor score analysis, the report compared the performance of the financial sector versus non-financial companies. The results show a vast disparity between the state of financial services organizations compared to non-finance firms, yet also reveals a number of vulnerabilities that still need to be addressed.
Read More: Qumulo Announces Native Support for Amazon Nimble Studio
The report, 2021 Forbes Global 2000 Financial Sector Cybersecurity Health Check, examines the state of firms immediately after two major ransomware attacks, and the publication of several known CVE vulnerabilities.
Some of the key findings include:
- The finance industry persistently and consistently scored better than non-finance firms for internet security. Overall, 80% of finance institutions (banking, diversified financials and insurance) in the Forbes Global 2000 scored a “B” or better, compared to 63% of non-finance organizations.
- The spread of security scores is narrower for the finance industry than for the non-finance industry, but there are still financial institutions that rank poorly on overall scores and on individual security factors.
- Across most key security factors, the finance industry scores better than non-finance, most notably in patching cadence. Importantly, finance firms have 10x fewer high-severity CVEs on their systems than do non-finance companies suggesting finance firms are particularly adept at software patching.
“The finance industry understands that they are a prime target of attacks motivated by profit. The sheer volume of financial transactions and high value corporate assets makes the financial industry a more lucrative target than ever before,” says Alexander Heid, Chief Research and Development Officer, SecurityScorecard. “However, the most recent ransomware events prove that nobody is immune to cyberattacks and extortion. While financial services organizations are faster in patching vulnerabilities than non-industry peers – the use of legacy systems and applications with known vulnerabilities is still an immediate threat that must be addressed. Every organization needs to be aware of their current cybersecurity exposure in order to implement effective mitigations as opposed to incident remediation.”
Read More: SalesTechStar Interview With Michael Schwalb, GM Of Partnerships And Data At JW Player
With the ability to continuously monitor and scan billions of signals every week, SecurityScorecard is the global industry leader in cybersecurity ratings. The company collects and analyzes global threat signals that allow organizations to have instant visibility into the security posture of vendors and business partners as well as the capability to do a self-assessment of their own security posture. The technology continuously monitors millions of companies to instantly deliver an easy-to-understand A-F rating.
Read More: In the Future AI And Web Scraping Will Go Hand-in-Hand