50% of firms in the financial services industry are still operating on outdated or on-premise infrastructure, which fails to meet modern transparency and documentation requirements.

36% of U.S. financial services executives reported lacking sufficient internal expertise to meet regulatory mandates.

53% of CFOs in the financial services sector ranked evolving regulations as a top concern, compared to 38% of CIOs, highlighting a disconnect between financial and technical teams.

51% of firms identified data discovery as a top priority for improving audit readiness and control visibility.

42% of U.S. financial services executives identified staying current with evolving regulations as their top compliance challenge.

54% of firms in the financial services industry still rely on spreadsheets or in-house systems to track security controls.

45% of firms in the financial services sector prioritize automated evidence collection and document management for enhancing audit readiness and control visibility.

Financial services organizations have 35% of their devices classified as extended IoT.

Just 16% of MSSP-supported financial services firms require two to four weeks to contain a breach.

65% of financial services firms continue to manage IT and security entirely in-house.

20% of executives at financial services firms acknowledge that having no effective incident response plan is a significant weakness that could slow recovery.

11% of RIAs significantly decreased their IT spend last year.

42.72% of IT decision-makers at financial services firms reported that email security is currently fully or partially managed by an MSP or MSSP.

33.98% of IT decision-makers at financial services firms reported that security awareness training is currently fully or partially managed by an MSP or MSSP.

16.50% of IT decision-makers at financial services firms reported that vCISO or strategic advisory services is currently fully or partially managed by an MSP or MSSP.

31% of financial services firms still rely on quarterly or less frequent cyber assessment and vulnerability reviews.

57.28% of IT decision-makers at financial services firms reported that network management and monitoring is currently fully or partially managed by an MSP or MSSP.

Only 17% of executives at financial services firms indicated that security awareness training will be a priority in the coming year.

46.60% of IT decision-makers at financial services firms reported that firewall management / perimeter security is currently fully or partially managed by an MSP or MSSP.

50% of financial services firms plan to invest or upgrade in advanced threat detection and response, such as MDR, EDR, SOC, in 2026.