Tough regulations mean financial services groups in Australia and New Zealand “tend to be further advanced than other sectors when it comes to overall cybersecurity”, Thales says.

The security company’s Australia and New Zealand director of data security Erick Reyes says the combination of sensitive, high-value data and stringent prudential oversight is helping to reduce cyberattack fallout. 

“While compliance mandates remain one of the industry’s biggest challenges, our research indicates that compliance achievements drive better security outcomes, leading to fewer breaches,” he said.

The 2024 Thales Data Threat Report says cyber preparation is still poor worldwide in financial services, with only a quarter of groups surveyed saying they have a formal incident response plan. 

It says 18% of financial services organisations reported suffering ransomware incidents.

“What is concerning when we look at new threats coming from technologies such as generative AI and even quantum computing is an overall lack of preparedness,” Mr Reyes said. “Three in four organisations globally do not yet have a formal plan in place should they fall victim to a ransomware attack. Others continue to struggle with the complexities of securing their assets in the cloud, as well as integrating security within their development and operational processes.”

Thales says the proportion of financial services groups experiencing data breaches in the past year was 14%, down from 29% in 2021. Of those attacked with ransomware, 5% resolved the incident through ransom payments, and 9% were willing to consider this.  

The report is based on a global survey of 2961 respondents, including 108 in Australia and 54 in New Zealand.

From Insurance News magazine: Why the Crowdstrike outage should serve as a wake-up call for businesses worldwide