50% of firms in the financial services industry are still operating on outdated or on-premise infrastructure, which fails to meet modern transparency and documentation requirements.

36% of U.S. financial services executives reported lacking sufficient internal expertise to meet regulatory mandates.

53% of CFOs in the financial services sector ranked evolving regulations as a top concern, compared to 38% of CIOs, highlighting a disconnect between financial and technical teams.

51% of firms identified data discovery as a top priority for improving audit readiness and control visibility.

42% of U.S. financial services executives identified staying current with evolving regulations as their top compliance challenge.

54% of firms in the financial services industry still rely on spreadsheets or in-house systems to track security controls.

45% of firms in the financial services sector prioritize automated evidence collection and document management for enhancing audit readiness and control visibility.

64% of financial services organizations cite compliance requirements as important security drivers.

72% of healthcare organizations experienced a moderate to severe financial impact from cyber incidents in the past two years.

Financial services organizations have 35% of their devices classified as extended IoT.

73% of U.S. Chief Financial Officers are now involved in cyber strategy in 2025.

59% of organizations plan to seek external support for AI, up from 17% in 2024.

27% of U.S. Chief Financial Officers ranked both cybersecurity and economic uncertainty as their second top concern in 2025.

96% of organizations are now engaging with AI in 2025.

43% of U.S. Chief Financial Officers expressed confidence in cyber prevention and mitigation in 2025, down from 46% in 2024.

42% of organizations are using AI operationally in 2025.

63% of board agendas for U.S. Chief Financial Officers in 2025 focused on profitability.

40% of insider incidents involved business-sensitive financial and strategic information.

Just 16% of MSSP-supported financial services firms require two to four weeks to contain a breach.

65% of financial services firms continue to manage IT and security entirely in-house.