Scott McKinnon, Chief Security Officer, UK & Ireland, at Palo Alto Networks
The UK’s financial sector is becoming increasingly targeted by sophisticated cyberattacks, with the rise of mobile financial services, online transactions and emerging technologies like AI and cloud computing expanding potential attack surfaces. As a result, according to the World Economic Forum’s Global Risks Report, cybersecurity ranks among the top five global threats over the next two years, with banking systems seen as key targets.
For cybersecurity professionals working in the sector, the pressure doesn’t end there. Recent data protection laws, such as the Digital Operational Resilience Act (DORA), came into effect only two weeks ago. DORA mandates that financial institutions bolster their digital operational resilience, ensuring they can withstand and recover from cyber threats. However, the increasing sophistication of cyberattacks, many of which are driven by AI, often outpaces the capabilities outlined by DORA. Additionally, the time it takes for these regulations to be fully enforced can create a gap between the immediate cybersecurity threats and the institutional responses required by law.
This creates significant pressure on financial institutions to establish best practices that enable them to secure their operations, reduce vulnerabilities and maintain consumer trust.
The role of regulations in cybersecurity
Regulations heavily influence the financial sector’s cybersecurity strategies, often focusing on risk management. However, while threats evolve quickly, regulations tend to lag, and take time to develop.
Traditional corporate security teams can no longer prevent breaches as swiftly as attackers compromise systems, and monitoring tools have limited ability to stop a threat. That’s because the time it takes for attackers to compromise and exfiltrate data is now quicker than the time it takes for an organisation to remediate, which is typically 4-6 days.
With the average data breach now costing around $4.88 million (£3.58 million), financial institutions need a proactive cybersecurity strategy, not one that is reactive to regulation alone. That strategy should include investment in technologies which can quickly detect and neutralise threats.
Financial institutions should view regulatory requirements only as a foundational baseline rather than a comprehensive basis for defence. Within the financial sector, more than any other, proactive, threat-based strategies are essential.
AI is both a threat and a solution
AI is reshaping business functions in financial services, as well as enhancing the customer experience and operational efficiency. However, it also introduces new security risks. Cybercriminals today are using AI for reconnaissance, social engineering, malicious code development and more. These tactics accelerate attacks, making them harder to combat with traditional cybersecurity measures.
Even within the security department, AI has become a double-edged sword, aiding both cybercriminals and defenders. While many organisations adopt AI to improve operations, the technology also expands attack surfaces, allowing cybercriminals to automate and scale attacks.
By consolidating security products and shifting to a platform approach, institutions can leverage AI-driven cybersecurity solutions to detect and respond to threats in real time, protect data and be more agile in response to incoming regulation.
Communicating cybersecurity needs
In order to put the right solutions in place, security teams first need trust and investment, and that means taking the cyber challenge to the board. C-level leaders in the financial sector often underestimate their cyber-resilience, and so effective communication from CISOs and CTOs about cybersecurity risks and investment needs is essential.
Maintaining trust is critical for any business that holds sensitive, personal, or critical data. In the financial services sector, reputation is paramount, and investing in cybersecurity is no longer seen merely as a cost but as a strategic business asset. A robust cybersecurity posture not only reduces the risk of cyberattacks, which can have severe financial consequences, but also unlocks potential value. For instance, effective security measures can lead to more favourable terms with cyber insurance policies, allowing businesses to recover costs and better protect their bottom line. In this way, cybersecurity investments directly contribute to the resilience and long-term success of the organisation.
In the digital financial landscape, robust cybersecurity measures safeguard reputation, customer trust and operational continuity. As digital transformation continues at pace, banks and other financial entities must embed security into every aspect of their operations – turning investments in AI and cybersecurity innovations into competitive advantages.