Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireCybersecurity NewsBanking/Finance/Insurance

Financial Services Companies Lack Trusted Data to Make Cybersecurity Decisions

Cyber Insurance Rates, Purchases and Coverage
May 19, 2020

Senior security leaders within financial services companies are being challenged with a lack of trusted data to make effective security decisions and reduce their risk from cyber, according to Panaseer’s 2020 Financial Services Security Metrics Report. Results from a global external survey of over 400 security leaders* that work in large financial services companies reveal concerns on security measurement and metrics that include data confidence, manual processes, resource wastage and request overload.

The results demonstrate myriad issues with the processes, people and technologies required to have a full understanding of the organization’s cyber posture and the preventative measures required to stop a security control failure from becoming a security incident. The vast majority (96.77 percent) of respondents claimed they use metrics to measure their cyber posture, with the primary use for security metrics being risk management (41.69 percent), demonstrating the success of security initiatives (28.04 percent), supporting security investment business cases (19.11 percent) and Board/ executive reporting (10.17 percent).

Over a third (36.72 percent) of security leaders said that their biggest challenge in creating metrics to measure and report on risk is ‘trust in the data,’ followed by the resources required to produce them (21.34 percent), the frequency of requests (14.64 percent) and confusion over knowing what metric to use (15.3 percent). Less than half of respondents (47.75 percent) could claim to be ‘very confident’ that they are using the right security metrics to measure cyber risk.

Resource requirements and request overload are cited as other issues fueling the metrics mayhem. On average, security teams are spending 5.34 days a month compiling metrics for managing risk – and that doesn’t include the time the team spending compiling metrics for other stakeholders, including regulators, auditors and the Board. Security leaders also claim they must refresh these security metrics for risk teams every 16 days.

Manual processes are also cited as fueling data mistrust. Over half (59.8 percent) of security leaders said that they are still relying on spreadsheets to produce metrics and 52.85 percent are using custom scripts. Nearly one in five (18.75 percent) admitted to relying exclusively on manual processes to develop their security metrics for risk.

Nik Whitfield, CEO, Panaseer, says, "Security metrics are frequently cited as the bane of the security teams’ lives. Not knowing the accuracy, timeliness or even limitations of a metric can render it useless – which is simply unacceptable against a backdrop of tightening regulation and an increasing attack surface. The President of the European Central Bank recently went on record to warn that a cyberattack on a major financial institution could trigger a liquidity crisis. We must move on from the era of out-of-date inaccurate metrics to one where they are automated and measured on a continuous basis. Financial service organizations, in particular, need trusted and timely metrics into an organization’s technology risk, segmented where possible to critical operations. With this information, the Board can then have a better understanding of what risks are and aren't acceptable to keep customer data safe."

To read Panaseer's full 2020 Security Metrics Report, please visit: https://panaseer.com/reports-papers/report/2020-security-metrics-report/

KEYWORDS: cyber security data breach financial sector risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • SEC0820-Data-Feat-slide1_900px.jpg

    Using chip technology to make data sharing safer in financial services

    See More
  • cloud-enews

    How to Make Informed Risk Management Decisions about What to Store in the Cloud

    See More
  • ransomware freepik

    Companies lack basic cybersecurity practices to combat ransomware

    See More

Events

View AllSubmit An Event
  • March 6, 2025

    Why Mobile Device Response is Key to Managing Data Risk

    ON DEMAND: Most organizations and their associating operations have the response and investigation of computers, cloud resources, and other endpoint technologies under lock and key. 
  • September 3, 2024

    From DDoS Protection to WAAP: How Layered Protection Enhances Your Cybersecurity Strategy

    ON DEMAND: By participating in the webinar, attendees will gain enhanced knowledge of cyber threats and understand the current spectrum of cyber threats facing businesses.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing