An official website of the Commonwealth of Massachusetts
This page, Understand cybersecurity for financial institutions, is part of
This page, Understand cybersecurity for financial institutions, is offered by

Understand cybersecurity for financial institutions

Find out about cybersecurity issues threatening your financial institution. Learn about the types of cyber criminals, the cost of cyber crime, and the types of cyber threats.

Cybersecurity has become a top focus of the financial services industry. The financial services industry is a vital component of the nation’s critical infrastructure. At the same time, it is a prime target for cyber criminals.

Cybersecurity must be actively managed due to evolving attack methods. The main challenges to managing cyber risks are emerging technologies and sophisticated threats.

Cyber criminals

Cyber criminals can be anyone. Often cyber criminals are employees, opportunist attackers, third parties, or organized cyber criminals. Cyber criminals may even be supported by other nations to commit cyber crimes.

Motivation for cyber attacks can be simple curiosity or an intent to disrupt operations. For organized groups, the motivation is often financial gain. Each year the number of cyber crimes targeting financial institutions increases. Some of the attacks have targeted foreign banks for millions of dollars.

The most damaging cyber criminals are nation-state sponsored. These types of cyber criminals are very technical. Nation-state sponsored cyber criminals want to cause widespread damage to critical infrastructures and steal intellectual property.

Cost of cyber crime

Businesses lose billions of dollars each year fixing systems impacted by cyber attacks. Studies suggest the cost of cyber crime appears to quadruple every four years.

A 2016 Juniper Research study predicted the cost of data breaches will quadruple to $2.1 trillion globally by 2019. An IBM-sponsored study conducted by the Ponemon Institute revealed:

  • As of 2016, the average cost of a data breach was $4 million.
  • The average cost per stolen record was $158.
  • The longer it takes to detect and contain a data breach, the more costly it becomes.
  • Regulated industries, such as healthcare and financial services, have the most costly data breaches.

To reduce the cost of cybersecurity and minimize risk of data breaches, the Ponemon study recommends:

  • Improving data governance programs and incident response.
  • Appointing a Chief Information Security Officer (CISO).
  • Developing an employee cybersecurity training program.
  • Implementing a business continuity program.
  • Investing in data loss prevention controls, such as encryption and endpoint security.

Additional Resources for

Feedback