21 Cybersecurity Statistics for UK Financial Services Organisations

Cybercrime is one of the biggest risks facing financial institutions today.

While the rapid digitisation of the industry has expanded the scope for efficiency, customer service, and growth, it has also introduced a range of new opportunities for bad actors to exploit.

Accordingly, cybersecurity is now a key risk factor, to be considered at the same level as financial and other operational issues.

To safeguard customer data and capital, as well as protect their own systems, financial institutions are now in a race with criminals to increase security, control, and transparency.

However, in this fast-changing market, it’s easy to fall behind.

To help you keep up, we've collated the top 21 statistics to help you understand the state of UK cybersecurity, the key risks, and the potential solutions.

Understanding the Risk

1. Financial services organisations are 300 times more likely than other companies to be targeted by a cyber attack.

2. Since the pandemic, the number of cyber attacks rose by over 200%.

3. The banking industry has experienced a 1318% increase in ransomware attacks in recent years.

4. Cybersecurity risk is rated “extremely important” by more than 80% of bankers, ranking above all other operational risks.

Quantifying the Threat

5. The average cost of cybercrime for financial services is 40% higher than in other sectors.

6. Nearly 39% of financial institutions that experienced ransomware attacks paid a ransom of $1 million.

7. The average cost of a data breach in the financial sector is $5.9 million - above the global average of $4.45 million.

8. For 37% of institutions, the average time to resolve a security issue exceeds three months.

Key Threats: Phishing

9. HMRC reported a 73% increase in phishing attacks.

10. Financial services is the most impersonated industry for phishing, accounting for 34% of activity.

11. Phishing is the method of initial access in 46% of cyber attacks targeting financial services.

Key Threats: Ransomware

12. The banking and financial sector accounts for 22% of total ransomware attacks.

13. The financial sector has experienced a 64% rise in ransomware attacks, with 81% resulting in encrypted data.

14. In a recent survey, 74% of financial leaders experienced one or more ransomware attacks, and 63% ended up paying the ransom.

Key Threats: System Attacks

15. One in three cyber attacks against financial institutions begins with vulnerability exploitation.

16. Distributed Denial of Service (DDoS) attacks have increased by 110% year-on-year in the financial sector.

Attitudes to Cybersecurity

17. 95% of board committees now discuss cyber risk four or more times a year.

18. Top cybersecurity investment priorities for CISOs include Extended Detection and Response (24%), Workload Security (22%), and Threat Intelligence (15%).

How Are Firms Addressing Risk?

19. Firms that have mastered cybersecurity are nearly four times better at stopping breaches.

20. Modern systems and protocols can reduce breach costs by 72%, saving $273,000 per incident.

21. With an average of 22 incidents a year, those savings add up to $6 million annually for the average financial firm.

Preparing Your Business

Keeping up with the rapid changes in the cybersecurity landscape while maintaining service levels and core systems is one of the biggest challenges for financial providers, platforms, and intermediaries.

Mailock is a secure email solution tailor-made for the financial services industry, helping providers, advisers, and customers communicate with confidence.

With just a click, you can exchange files quickly and securely, minimising paper and protecting against interception and fraud.

References

Cyberattacks Hit Financial Services 300 Times More Than Other Sectors, CIO Dive, 2019

The Cybersecurity Posture of Financial Services Companies, McKinsey, 2022

Banking Industry Sees 1318% Increase in Ransomware Attacks in 2021, Security Magazine, 2021

Cost of Cybercrime Continues to Rise for Financial Services Firms, Accenture, 2021

The State of Ransomware in Financial Services, Sophos, 2023

Average Cost of a Data Breach in the Financial Sector, Statista, 2022

HMRC Sees 73% Growth in Email Phishing Attacks, Infosecurity Magazine, 2020

Phishers' Favourites: Top 25 for H1 2022, Vade, 2022

Threat Report: January 2022, Trellix, 2022

Modern Bank Heists 5.0: The Escalation from Dwell to Destruction, VMware, 2022

Phishing for Finance: State of the Internet, Akamai, 2022

Security X-Force Threat Intelligence Index, IBM, 2021

Financial Services Cyber Resilience Study, Accenture, 2021

Reviewed by

Sabrina McClune, 27.06.24

Sam Kendall, 17.06.25