Cybersecurity in 2024: A deep dive into FinTech’s top concerns and strategies

Nearly 40% of compliance professionals across asset management, investment adviser, and private markets firms remain unprepared for the cybersecurity risks posed by AI, reveals the 2024 Cybersecurity Benchmarking Survey.

According to ACA Group, meanwhile, a significant 44% are anxious about the enforcement of the SEC’s new cybersecurity regulations. This bi-annual survey, a collaborative effort between ACA Aponix (part of ACA Group) and the National Society of Compliance Professionals (NSCP), aims to guide firms through the evolving landscape of cybersecurity risks and regulations.

A considerable portion of the survey respondents, 44%, expressed uncertainty regarding the SEC’s approach to enforcing its cybersecurity rules. Moreover, 36% of compliance professionals voiced concerns over meeting the cyber incident reporting requirements and deadlines set forth by the SEC. This highlights a widespread anxiety within the industry about regulatory preparedness and compliance with evolving cybersecurity mandates.

The survey sheds light on the industry’s cautious approach towards AI in cybersecurity risk management. A notable 38% of respondents have not yet recognized AI as a potential cybersecurity threat, and 27% do not see its relevance to cybersecurity at all. However, nearly half of the surveyed professionals (49%) are exploring AI as a cybersecurity tool, indicating a growing interest in leveraging technology to enhance cybersecurity defenses.

The primary cyber threats causing concern among respondents include payment fraud/business email compromise (70%), ransomware (67%), and privacy threats to personal identifiable information (52%). Interestingly, the least concern was shown towards deepfakes, with only 5% of respondents recognizing them as a potential threat. This highlights the varying perceptions of cyber threats within the financial services sector and underscores the importance of tailored cybersecurity strategies.

In terms of cybersecurity preparedness, approximately 79% of compliance professionals feel confident in their firm’s ability to respond to a cyber breach, despite only 40% having conducted an external test of their response plan. Confidence is similarly high in managing unforeseen system outages, with 83% of respondents expressing confidence in their firm’s preparedness. Furthermore, 85% of those with cyber insurance view it as an essential tool in their risk management arsenal, emphasizing the value of insurance in mitigating cyber risks.

The survey also revealed concerns about vendor cybersecurity practices. Over half of the firms (51%) have not renegotiated vendor contracts to include additional cybersecurity provisions in the last two years, pointing to potential vulnerabilities in the supply chain.

Mike Pappacena, Partner at ACA Aponix, emphasized the survey’s significance, stating, “Our survey findings underscore the critical importance of staying ahead of evolving cybersecurity threats. As nearly half of the respondents express uncertainty about SEC enforcement, it’s clear that regulatory compliance remains a top concern. At ACA, we’re committed to providing our clients with robust regulatory guidance and solutions to navigate these challenges effectively.”

Lisa Crossley, Executive Director at NSCP, also highlighted the value of the survey, “The Cybersecurity Benchmarking Survey continues to be a valuable resource to compliance professionals seeking insight about current and emerging cybersecurity trends, policies, and challenges across the financial services industry. We are particularly proud of our partnership with ACA Group to help firms prioritize their cybersecurity programs.” SOURCE