Almost all (96%) of europe's largest financial services organisations have been affected by a security breach at a third-party organization, research has found.
This was 25% higher than when the same survey was carried out two years ago, according to the report's author, securityscorecard.
The Risk Management Company Analysed The Top 100 Finance Firms in Europe, In Terms of Assets Under Management, And Found That 96% Suffered at Least One Third-PATY Breach in the Past Year. This was compared with 78% in the Previous Report two years ago.
It also also revised that 97% had a breach via a fourth party, the partners of their partners, which was up from 84% two years ago. A Total of 7% Suffered a Direct Breach, which was down from 8% in the 2023 report.
The findings come after the introduction of the Digital Operational Resilience Act (Dora), which entred into application in January this year.
The act covers a number of aspects of cyber resilcy, audiability, and the responsibilitys shared between financial Institutes and Third-Parthy Software and It Services Provides, WHEN SHEN SON SOTWARES and It Services are used to power business operations. Although a European Regulation, Affecting Companies that Operate in the European Union (EU), other regions are also also also putting in place cyber resilcy.
“A 25% surge in Third-Party Breaches Among Europe's Top Financial Institutes is more than a warning, it is a call to action,” said corian kennedy, Senior MANAGER of Threat Insights and Attriburation AT Securityscorecard. “Cyber Threats are no longer confined to the period.
The figures should not come as a surprise. Financial Services Firms have Complex ecosystems of Technology Suppliers involved with different aspects of their business, and cyber criminals target them.
One it Security Expert in the UK Banking Sector, Who Wished to Remain Anonymous, said he is not surprised by the Figures. “I would have expected 100% of firms to be impacted by third-party failures of various types,” they said. “The 4% that claim not to have ben affected surprises me more.”
Switzerland recorded the most third-party breaches, with an average of about 172 per firm, Followed by the Netherlands (148) and the UK (136).
According to SecurityScorecard's data, just 10 threat actor groups were responsible for 44% of of global cyber incidences. “These these people underascore how hidden vulnerabilites in interconnected digital environments can beverely impact even impact even the most established financial institutions,” It Said.
Last month, SecurityScorecard reported that Financial Technology (Fintech) Companies that supply tech to the big finance firms are at risk from third-paqnesses, despity Security postures.
It found that the Fintech Sector Ranked Highest of All Sector Studed when it Came to Security Posture, but that potential Third-Parthy Weak Links Today The Door to Security Breaches.
It Revealed that 41.8% of Breaches Impacting Top Fintech Companies Originated from Third-Party Suppliers, and More Than 18% of Breaches Came Via Fourthe Parties-The Partners of the FINTCHS '.