Today, we published our Cyber Security in Financial Services 2026 report, which revealed that financial services organisations are among the most cyber-mature, yet face dangerous operational delays, rising AI risk, and a crisis of confidence in security tooling.
The study surveyed retail and investment banks, payment processors, clearing houses, and related institutions as part of our wider Cyber Security in CNI 2026 report. The research, which surveyed security leaders across the financial services industry, highlights a sector that has become one of the most attractive targets for cyberattacks.
The main findings include:
Slowest Incident Response in CNI
Despite having some of the most mature security capabilities, financial services organisations report the slowest incident response times of any sector. On average, firms take nearly 24 hours to respond to data theft incidents, longer than any other CNI sector, despite attackers often exfiltrating sensitive data within minutes of gaining access.
Phishing and BEC Dominate the Threat Landscape
The financial services sector has seen a surge of attacks, with 93% of financial services organisations experiencing a cyber incident involving ransomware, supply chain attacks, employee sabotage, data theft/leakage, physical security breach, malware, phishing/BEC, unauthorised system access, social engineering, DDoS or outdated software/unavailable patches for legacy equipment. Phishing and BEC attacks were particularly prevalent, reflecting the continued focus of financially motivated threat actors on the sector.
AI Cyber Risk and Data Protection Emerge as Top Concerns
AI cyber risk and data protection have become the two most cited concerns in financial services with 42% of respondents flagging AI risk and 40% citing data protection, as institutions race to govern how both human users and AI systems interact with sensitive data. These concerns are closely aligned with regulatory and operational risk.
Trust in Security Tools Hits a Sector High
As security stacks grow more complex and AI-driven solutions become widespread, financial services organisations are questioning whether their tools are up to the job. More than a third (36%) cite trust in cyber security tooling as a significant challenge, with concerns centering on the transparency and auditability of the technologies they rely on.
Operational and Financial Costs Remain Severe
When attacks succeed, the fallout is broad and costly. IT disruption or outages are the most commonly reported consequence (49%), closely followed by loss of revenue from downtime (36%) and increased cyber security budgets (32%). Notably, the psychological impact on employees also ranks highly at 31%, a reminder that the human cost of cyber incidents extends well beyond the balance sheet.
“Financial services organisations are among the most advanced in terms of cyber security maturity, but this maturity does not necessarily translate into resilience,” said Sam Thornton, Chief Operating Officer of Bridewell. “The findings highlight a sector that understands the risks it faces and has invested heavily in controls, but is still constrained by complexity, process and the pace of change. The most significant challenge for 2026 is not identifying risk, but responding to it quickly and effectively.”
