800-317-3840
Contact Us

Security Assessment Tool for Financial and Insurance Industries


Financial and Insurance

 

 

Request your free report

This industry is a favorite of financially motivated cybercriminals due to the many types of easily monetized personal data collected from customers. Last year, Web App attacks and Miscellaneous Errors accounted for the top two types of breaches—which shows the importance of limiting mistakes by your own employees.

  • Total incidents

    1,509

    The number of security incidents (Nov 2018 to Oct 2019) analyzed in this sector in the 2020 DBIR.

  • Top three patterns

    Web Applications 

    Miscellaneous Errors 

    Everything Else 

    The top trends that emerged from this sector’s data (Nov 2018 to Oct 2019) in the 2020 DBIR.

  • Threat actors 

    64% External 

    64 percent


    35% Internal 

    35 percent


    2% Partner 

    2 percent


    1% Multiple 

    1 percent

  • Actor motives 

    91% Financial 

    91 percent


    3% Espionage 

    3 percent


    3% Grudge 

    3percent

  • Data compromised 

    77% Personal 

    77 percent


    35% Other 

    35 percent


    35% Credentials 

    35 percent


    32% Bank 

    32 percent

Considerations

  • Accidents that lead to breaches

    The most common error in this sector was Misdelivery, which is when company information is sent to the wrong people. This can happen when an email system autocompletes to the wrong person or it can be a mass paper mailing with wrong names or addresses.

  • Small mistakes can mean big consequences

    Misconfiguration was the second most common error. This happens when a system admin launches a database in the cloud without the proper security controls. If you’re lucky, a security researcher will find the vulnerability and let you know—before a malicious attack can occur.

  • Criminals weaponize emails

    Criminals often like to pose as a senior executive and use their hacked account for phishing attacks requesting data from other employees. They may also use pretexting, in which an attacker responds to an existing email thread to request a wire transfer, updated bank account info, or to simply ask for valuable information.

See the latest trends in cybersecurity.

 

Explore the results of the 2020 Data Breach Investigations Report (DBIR) and see what patterns emerged across the thousands of security incidents, from companies both big and small.

 

See an overview of all trends

Read specific insights about your industry


  • 2020 dbir cover
  • Understanding the threats can help manage risk effectively

    The threats are real, the attackers motivated. But something stands between them and your organizations data: you and your security teams, with the insight, perspective, and tools to take action. You'll find that all right here.

    Download the report