The attacks in this sector are perpetrated by external actors who are financially motivated to get easily monetized data (63%), internal financially motivated actors (18%) and internal actors committing errors (9%). Web Application attacks that leverage the Use of stolen credentials also continue to affect this industry. Internal-actor-caused breaches have shifted from malicious actions to benign errors, although both are still damaging.
1,509 incidents, 448 with confirmed data disclosure
Web Applications, Miscellaneous Errors and Everything Else represent 81% of breaches.
Threat actors: External (64%), Internal (35%), Partner (2%), Multiple (1%) (breaches)
Actor motives: Financial (91%), Espionage (3%), Grudge (3%) (breaches)
Data compromised: Personal (77%), Other (35%), Credentials (35%), Bank (32%) (breaches)
Implement a Security Awareness and Training Program (CSC 17), Boundary Defense (CSC 12), Secure Configurations (CSC 5, CSC 11)
Why is everybody always picking on me?
The Financial and Insurance sector has always had a target on its back due to the kinds of data it collects from its customers. The data shows that the sector remains a favorite playground for the financially motivated organized criminal element again this year. Web Applications attacks are in competition with the Miscellaneous Errors pattern for the top cause of most breaches, as shown in Figure 66. It is a bit disturbing when you realize that your employees' mistakes account for roughly the same number of breaches as external parties who are actively attacking you. Apparently, it really is hard to get good help these days, and you can take that to the bank.