The 2025 Data Threat Report Financial Services Edition examines internal vulnerabilities, external threats and their impact on the assets of banks, insurance companies, payment processors and other financial institutions. The report covers the impact of Artificial Intelligence on security practices, the challenges of a complex IT environment, data security best practices and the evolving threat landscape among other topics. As always, the Data Threat Report encourages and equips security leaders to build stronger alliances spanning their own organizations and partner ecosystems to achieve broader enterprise goals.
This research was based on a segment of 258 financial services respondents extracted from a global survey of 3,163 professionals in security and IT management in 20 countries.
Conducted by
59% cited the fast-moving AI ecosystem as their top concern, followed by concerns about model and data integrity (57%) and trustworthiness (52%).
81% of respondents are investing in GenAI-specific security tools, and 24% are using newly allocated budget.
22% have little or no confidence in identifying where their data is stored.
Only 15% of FinServ organizations have encrypted 80% or more of their sensitive cloud data.
FinServ organizations identified these major quantum computing security threats:
57% are concerned about future encryption compromise.
57% are concerned about key distribution.
50% are concerned about future decryption of today's data, including harvest now, decrypt later.
2.0 The average number of IaaS providers, remained constant, similar to the overall average.
107 The average quantity of SaaS applications in use grew from 84 last year to 107 this year — a 27% increase in just one year.
54% were driven to pursue digital sovereignty by specific customer, regional or global privacy mandates.
40% said that encryption and key management provide sufficient protection to achieve objectives.
41% of FinServ organizations use more than 500 APIs; 22% use more than 1,000 (compared to 34% and 22%, respectively, surveywide).
51% of FinServ respondents said code vulnerabilities are a major concern for application security, placing it as the top response, compared to 59% surveywide.
50% said Secrets management is a leading DevOps security challenge, versus 55% surveywide.
Only 16% identified secrets management as most effective in protecting data, despite the devastating impact of compromised secrets.