Cybercrime has a greater impact on financial services than on any other industry, with greater costs and a higher attack rate, according to research by Accenture and the Ponemon Institute. The report, Cost of Cyber Crime Study, found that the rate of breaches in the financial industry has tripled over the past five years and analyses how much organisations spend when responding to cybercrime incidents. It found that the average cost of cybercrime for financial services companies globally has increased by more than 40 per cent over the past three years, from US$12.97 million per firm in 2014 to US$18.28 million in 2017 – significantly higher than the average cost of US$11.7 million per firm across all industries included in the study.

Some of the key findings for the financial services industry were:

• The average number of breaches per company has more than tripled over the past five years, from 40 in 2012 to 125 in 2017; that is slightly below the global average of 130 across all industries.
• Nearly two-thirds (60 per cent) of financial services companies’ total security costs is spent on containment and detection of cyberbreaches.
• The greatest impact of cyberbreaches on financial services firms are business disruption and information loss, which together account for 87 per cent of the cost to respond to cybercrime incidents, with revenue loss accounting for only 13 per cent.

Accenture's Chris Thompson said: “While the cost of cybercrime for financial services companies continues to rise, our research found that these companies have considerably more balanced and appropriate spending levels on key security technologies to combat sophisticated attacks than do those in other industries. This is particularly true with regard to the use of automation, artificial intelligence and machine-learning technologies, which could be critical to future cybersecurity efforts.”

Financial services firms suffer some of the greatest losses due to cybercrime but they are also investing in new technologies to protect themselves. The report found that a quarter of banks are using AI, while fewer than a third are using advanced analytics to combat cybercrime. The report notes there is an opportunity to improve on this and that the financial services sector should continue to invest in cyber-defence technologies such as automation and machine-learning technologies.