Identity security: The silent yet effective business partner tackling DORA compliance challenges  

Mo Joueid, Identity security consultant at SailPoint 

Today’s threat landscape is one of the most sophisticated and dangerous environments businesses have ever operated in. Fuelled by the proliferation of new technology, the threats we see today look drastically different from those of just a few years ago. From AI-enabled threats, such as deepfakes and AI-assisted malware, to growing concern that quantum computing will eventually break today’s public-key cryptography, businesses have never been at higher risk of attack.

No industry is untouchable by cybercrime. One sector, however, stands out as a prime target for bad actors because of the gains at stake: the financial services industry holds large volumes of highly confidential data and runs the systems that move money, which makes it an ideal victim.

With nearly 50% of surveyed financial organisations having suffered a security breach in the past two years, the EU’s Digital Operational Resilience Act (DORA) comes at a vital time. Under DORA, financial institutions operating in the EU and their third-party information and communication technology (ICT) providers must meet technical requirements aimed at helping organisations withstand, respond to and recover from ICT-related disruption.


As attacks grow in prevalence, DORA compliance is essential to safeguard operations. As such, organisations need to establish clear policies for managing ICT risk, particularly those related to unauthorised access and outdated systems.   

The identity dilemma    

Cyber risks in financial services have been heightened by the growth of large and often complex supply chains. Acquisitions and partnerships expand these chains, and each new link brings more identities that operate within it, often without oversight.

The rise of temporary employees, partners and contractors in these firms means identities can easily fly under the radar, leading to security risks such as ‘overprovisioned’ access, where an identity holds more entitlements than its role requires. In fact, nearly 80% of financial organisations surveyed are concerned about vulnerabilities resulting from overprovisioning of non-employees, according to our research. This lack of visibility can leave huge gaps in security posture, increasing the risk of identities being compromised by bad actors, as well as of unintentional mishaps by users with too much access, such as accidental misplacement or deletion of files.

This identity challenge is heightened by the rising number of applications users typically need access to, and the range of entitlements that must be managed. For already stretched IT teams, this creates an overwhelming burden. 

What’s more, over half (53%) of financial services firms are grappling with too many manual processes, not to mention legacy tools. Managing hundreds or thousands of users by hand typically results in loosely controlled access, poor oversight and increased cyber risk. Without modern identity security tooling, keeping up with this identity explosion becomes nearly impossible, and compliance becomes a real challenge.

Tackling risk associated with manual approaches  

Combatting the ICT risks associated with overprovisioned identities must be a top priority if financial services firms are to be properly secured. For those managing identities manually, however, this is a daunting task.

ICT teams must carefully control which identities in their supply chain have access: to what, from when, and for how long. Access should be granted strictly on a need-to-know, least-privilege basis, with rigorous management of onboarding, offboarding and the entire identity lifecycle, so that entitlements are time-bound and are removed when an engagement ends or a role changes.
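One way to turn these lifecycle controls into a repeatable check is to review an identity inventory against role baselines and expiry dates. The following is an added example written for this article; it is not SailPoint code and not a format prescribed by DORA. The record layout, the role baselines, the check names and the sample identities are all assumptions constructed for illustration.

```python
"""Added example: a least-privilege and lifecycle review over a constructed
identity inventory. Illustrative code for this article, not a vendor product
or a DORA-mandated format; record layout, baselines and data are assumed."""
from dataclasses import dataclass, field
from datetime import date
from typing import Optional

# Assumed role baselines: the entitlements each role legitimately needs.
ROLE_BASELINE = {
    "payments-analyst": {"payments-ro", "ticketing"},
    "core-banking-dev": {"git", "ci", "core-banking-staging"},
    "auditor": {"payments-ro", "ledger-ro"},
}


@dataclass
class Grant:
    entitlement: str
    expires: Optional[date] = None  # None means open-ended access


@dataclass
class Identity:
    uid: str
    kind: str                    # "employee", "contractor" or "partner"
    role: str
    active: bool
    contract_end: Optional[date]  # None for permanent employees
    grants: list[Grant] = field(default_factory=list)


def review(identities, today):
    """Return (uid, check, detail) findings for the inventory as of `today`."""
    findings = []
    for ident in identities:
        baseline = ROLE_BASELINE.get(ident.role, set())
        # Offboarding: a non-employee whose engagement has ended must not
        # still hold an active account.
        if ident.active and ident.contract_end and ident.contract_end < today:
            findings.append((ident.uid, "offboarding-overdue",
                             f"contract ended {ident.contract_end}"))
        for g in ident.grants:
            # Least privilege: anything outside the role baseline is overprovisioned.
            if g.entitlement not in baseline:
                findings.append((ident.uid, "overprovisioned", g.entitlement))
            # Time-bound access: an expired grant should already be revoked.
            if g.expires and g.expires < today:
                findings.append((ident.uid, "grant-expired", g.entitlement))
            # Non-employee access with no expiry is how identities fly under the radar.
            if ident.kind != "employee" and g.expires is None:
                findings.append((ident.uid, "no-expiry", g.entitlement))
    return findings


# Constructed sample inventory (made-up data, not from any real system).
SAMPLE = [
    Identity("e1001", "employee", "payments-analyst", True, None,
             [Grant("payments-ro"), Grant("ticketing"), Grant("payments-rw")]),
    Identity("c2002", "contractor", "core-banking-dev", True, date(2025, 3, 31),
             [Grant("git", date(2025, 3, 31)), Grant("ci", date(2025, 3, 31)),
              Grant("core-banking-staging")]),
    Identity("p3003", "partner", "auditor", True, date(2025, 12, 31),
             [Grant("payments-ro", date(2025, 12, 31)),
              Grant("ledger-ro", date(2025, 12, 31))]),
]


def review_sample():
    """Run the review over the constructed sample as of a fixed date."""
    return review(SAMPLE, date(2025, 6, 1))


if __name__ == "__main__":
    for finding in review_sample():
        print(*finding, sep="\t")
```

On the sample data the review flags the employee’s extra `payments-rw` entitlement as overprovisioned, the contractor whose contract ended in March as overdue for offboarding with two expired grants and one open-ended one, and nothing for the partner whose grants all carry an expiry within the engagement. The same checks can be scheduled to run on each inventory export so that drift is caught between access reviews.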

To reduce the manual pressure on stretched IT teams, AI can serve as an effective partner. AI-enabled identity security can automate these tasks and adjust access in real time as roles, contracts and applications change. This ongoing oversight helps IT teams keep pace with the surge in identities needing access to different applications, ensuring that each identity holds only the access required for its role.

By leveraging this technology, financial organisations can help reduce their attack surface, enabling easy and early detection of suspicious and unusual behaviour. This helps to ease the burden on IT teams as well as support compliance efforts.  


Bolstering cyber hygiene in 2025 and beyond   

Despite preventative measures, security breaches remain a risk. To comply with DORA, financial firms should standardise their ICT-related incident management, classification and reporting processes so that they can establish how an incident happened and which identities were involved.

In recent years there has been rapid growth in identity threat detection and response (ITDR) solutions, which add identity context to security incident analysis so organisations can better identify unusual patterns of behaviour, such as access from an identity that should have been offboarded or use of an entitlement outside its normal role. Combined with AI-enabled identity security, these solutions help organisations identify threatening activity and the remediation it needs without delay.

As the cyber landscape becomes increasingly complex, complying with DORA will be key to withstanding threats. To meet its objectives head on, adopting an AI-enabled identity security solution that enhances visibility and governance over ICT risks is crucial. Only by increasing oversight and access controls across all identities within complex supply chains can the financial services sector strengthen its cyber resilience against evolving threats.
