A new report reveals nearly 70% of financial services and insurance companies have suffered rollout delays due to API security while 92% have had security issues in production APIs.

The 2023 "State of API Security for Financial Services and Insurance” report released by Salt Security combines empirical data from customers and findings from two separate surveys to provide an in-depth analysis of the impact of API security threats and vulnerabilities on these industries.

The results found API attackers targeting financial services and insurance APIs have become increasingly active, with a 244% increase in unique attackers between the first and second halves of last year. In addition, 92% of financial/insurance respondents say they have experienced a significant security issue in production APIs over the past year, and nearly one out of five have suffered an API security breach. 

Other report highlights

• 69% of financial services/insurance respondents say they have experienced rollout delays due to API security issues — 11% higher than the overall response average
• 17% of respondents have experienced an API-related security breach
• 84% of attacks against financial services/insurance sectors came from "authenticated" users who appeared legitimate but were actually attackers
• 71% of financial/insurance respondents say their existing tools are not very effective in preventing API attacks
• More than 25% of respondents say they have no current API strategy
• 56% of financial services/insurance respondents say API security is now a C-level issue (8% higher versus the overall response average at 48%)
• 79% of financial services/insurance CISOs say that API security is a higher priority today than two years ago
• 76% of financial services/insurance CISOs say their organizations have made API security a planned priority over the next two years, with 13% saying it will be a critical priority