Peer-to-peer fraud and other digital fraud constituted more than 29% of bankers categorizing it as the most worrying cyber threat in 2023, according to CSI. US financial institutions see peer-to-peer fraud and other digital fraud as the biggest cybersecurity concern in 2023.It was cited by 29% of respondents in a survey by Computer Systems Inc. (CSI), followed by data breaches (23%), ransomware (20%) and a breach at a third party (15%). Industry respondents also expressed concerns over identity theft at 4%, unavailable or unaffordable cyber insurance at 4%, geopolitical risks at 3%, DDoS attacks at 2% and website defacement at 0.9%, according to CSI’s annual survey of the financial sector. It received responses from 228 banking executives, 171 of them at vice-president level or above. P-to-P biggest cyber security concernAn investigation into the internal data from the four biggest banks in the US showed that as of 2020, the banks had collectively received $90 million in fraudulent claims on P2P platforms. This was expected to go up to $255 million by 2022, a 183% increase. “The rising rates in P-to-P fraud across the industry have institutions wondering if such incidents are a result of data breaches. This perspective likely explains why bankers ranked breaches second on their worry list,” Steve Sanders, CISO at CSI said in the report. Readiness for a cybersecurity incident80% of respondents said they clearly know what to do in case of a cybersecurity incident in their organization, and 77% of respondents said they clearly understand their organization’s cyber risk. 72% of respondents said they have a reliable source of cybersecurity news, and 68% of respondents said their cyber security education program is effective, CSI found. 51% of respondents were confident their organization would not be found negligent if it suffered a data breach, and 47% of respondents said their CISO can present a strategic business case for cyber spending. Only 8% disagreed with this statement. Around 36% of the respondents said privacy laws and regulations have improved their organization’s process, CSI wrote. “Based on their responses, there appears to be a certain cybersecurity exhaustion among bankers. This is understandable, but it is still important for institutions to be vigilant,” Sanders said in the report. In terms of regulations, the banking institution is waiting for the final ruling of the Financial Crime Enforcement Network (FinCEN) beneficial owner database. 68% of respondents in the survey said they are very concerned about cybersecurity compliance in their space, and 91% of bankers said that fraud is the biggest risk in compliance risk. Cybersecurity risk on banks globallyA separate, global survey conducted by consulting firm EY found that 72% of chief risk officers (CROs) in the banking sector identified cybersecurity risk as their top concern over the next 12 months . “The role of the CRO is in the spotlight; and, with geopolitical risk underpinning everything else on their agenda, they will need to find new and innovative ways to address competing demands,” Jan Bellens, leader at EY Global Banking and Capital Markets Sector, said in the report. “It is arguably one of the hardest jobs in the banking c-suite, facing new and hidden risks – particularly from increasingly sophisticated cyber-attacks, that will put increasing pressure on an already volatile environment,” Bellens added. Almost 70% of North American CROs are concerned about cyber warfare between nation-states due to the ongoing geopolitical conditions. This is substantially more than their peers in Europe where 46% of CROs were concerned about cyberwar, EY noted. Related content feature What are non-human identities and why do they matter? When digital systems need access and permissions they require credentials just like human beings. These non-human identities allow many components of complex systems to work together but present significant security issues. By Chris Hughes Jun 03, 2024 8 mins Access Control Identity and Access Management Network Security news Microsoft: The brand attackers love to imitate Cybercriminals often hide attack attempts behind well-known brand names with the intent to trick targeted users into making the fatal click. Microsoft is their favorite — by far. By Martin Bayer Jun 03, 2024 3 mins Phishing Email Security Cybercrime news Bug in EmbedAI can allow poisoned data to sneak into your LLMs The vulnerability can be used to deceive a user into inadvertently uploading and integrating incorrect data into the application’s language model. By Shweta Sharma May 31, 2024 3 mins Generative AI Vulnerabilities news OpenAI accuses Russia, China, Iran, and Israel of misusing its GenAI tools for covert Ops OpenAI’s generative AI tools were used to create and post propaganda content on various geo-political and socio-economic issues across social media platforms, the company said. By Gyana Swain May 31, 2024 4 mins Generative AI PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe