Report by Omega Systems
2025 Financial Services Cyber Resilience Report
Key Findings
More than a third of financial services firms said it would take a week or longer to detect and contain a breach.
65% of financial services firms continue to manage IT and security entirely in-house.
11% of RIAs significantly decreased their IT spend last year.
33.98% of IT decision-makers at financial services firms reported that security awareness training is currently fully or partially managed by an MSP or MSSP.
31% of financial services firms still rely on quarterly or less frequent cyber assessment and vulnerability reviews.
Just 16% of MSSP-supported financial services firms require two to four weeks to contain a breach.
42.72% of IT decision-makers at financial services firms reported that email security is currently fully or partially managed by an MSP or MSSP.
20% of executives at financial services firms acknowledge that having no effective incident response plan is a significant weakness that could slow recovery.
57.28% of IT decision-makers at financial services firms reported that network management and monitoring is currently fully or partially managed by an MSP or MSSP.
16.50% of IT decision-makers at financial services firms reported that vCISO or strategic advisory services are currently fully or partially managed by an MSP or MSSP.
Only 17% of executives at financial services firms indicated that security awareness training will be a priority in the coming year.
50% of financial services firms plan to invest in or upgrade advanced threat detection and response, such as MDR, EDR and SOC, in 2026.
78% of family offices say a successful attack would trigger withdrawals or investor panic.
67% of family offices demonstrated the highest level of concern about outdated infrastructure and their ability to recover from a data breach (compared to 50% average).
51% of leaders at financial services firms say they are unprepared to recover effectively from a ransomware attack.
11% of leaders at financial services firms say they are unprepared to recover effectively from a vendor or third-party breach.
Only 10% of internal shared-resource financial services firms are “very confident” their teams can detect AI-driven attacks.
30% of MSSP-supported financial services firms are “very confident” their teams can detect AI-driven attacks.
51% of financial services firms plan to invest in or upgrade cloud adoption, migration and security in 2026.
37% of financial services firms plan to invest in or upgrade network and perimeter security in 2026.
26.21% of IT decision-makers at financial services firms reported that patch management and system updates are currently fully or partially managed by an MSP or MSSP.
6% of financial services firms admitted it could stretch into a month or longer to detect and contain a breach.
17% of financial services firms use a co-managed model for IT and cybersecurity.
35% of leaders at financial services firms say they are unprepared to recover effectively from a cloud platform compromise.
59.22% of IT decision-makers at financial services firms reported that IT help desk and end-user support is currently fully or partially managed by an MSP or MSSP.
46.60% of IT decision-makers at financial services firms reported that firewall management / perimeter security is currently fully or partially managed by an MSP or MSSP.
Only 16% of financial services firms are fully outsourcing IT and cybersecurity to an MSP/MSSP.
25% of internal shared-resource financial services firms require two to four weeks to contain a breach.
87% of executives at financial services firms say a successful cybersecurity attack would trigger withdrawals or AUM loss.
94% of CFOs at financial services firms said they would expect client departures in the wake of a major incident.
61% of executives at financial services firms are concerned about impersonation campaigns targeting their firms.
88% of executives at financial services firms acknowledge that a successful cybersecurity attack would trigger withdrawals, raise investor concern, or lead to direct loss of assets.
Almost nine in ten financial firms now carry cyber insurance coverage as a safety net.
33% of leaders at financial services firms say they are unprepared to recover effectively from a supply chain attack.
31% of leaders at financial services firms say they are unprepared to recover effectively from a business email compromise.
29% of leaders at financial services firms say they are unprepared to recover effectively from a distributed denial-of-service attack.
29% of leaders at financial services firms say they are unprepared to recover effectively from a zero-day exploit.
8% of family offices use an external provider for day-to-day cybersecurity management.
21% of executives at financial services firms cited a lack of employee security awareness as a significant challenge.
34% of executives at financial services firms said they lack the internal resources or expertise to manage complex IT and security controls.
50% of executives at financial services firms acknowledge that reliance on outdated or on-premises systems is a significant weakness that could slow recovery.
28% of executives at financial services firms acknowledge that a lack of current backups or recovery capabilities is a significant weakness that could slow recovery.
14% of executives at financial services firms acknowledge that having no access to a SOC partner is a significant weakness that could slow recovery.
24% of executives at financial services firms acknowledge that their teams not being trained on incident response processes is a significant weakness that could slow recovery.
30% of internal financial services firms say they skip vulnerability assessments.
22% of executives at financial services firms acknowledge that a lack of regular vulnerability assessments is a significant weakness that could slow recovery.
41% of financial services firms plan to invest in or upgrade IT infrastructure modernization in 2026.
39% of financial services firms plan to invest in or upgrade multi-factor authentication and identity access management controls in 2026.
36% of financial services firms plan to invest in or upgrade backup and disaster recovery solutions in 2026.
Internal shared-resource financial services firms are 56% more likely to face 25 or more attacks annually.
Nearly a third of leaders at financial services firms admit they are not fully confident employees could recognize an AI-driven phishing or social engineering threat.
83% of family offices are concerned about deepfakes or other impersonation threats.
The confidence level among family offices that their employees can detect and prevent AI-powered cyber-attacks is 60% (compared to 69% average and 78% among RIAs).
18% of financial services firms faced more than 25 known attacks in the past year.
72% of family offices believe they are targeted more often because they manage high-net-worth assets.
93% of financial services firms reported at least one known attack in the past year.
33% of leaders at financial services firms say they are unprepared to recover effectively from a phishing or smishing campaign.
57% of RIAs increased security budgets.
18% of leaders at financial services firms say they are unprepared to recover effectively from an insider threat or data compromise.
78% of financial services firms increased cybersecurity spending in the past year.
88% of financial services firms in the $101-500M range increased cybersecurity spending in the last 12 months.
Half of financial services firms plan to prioritize cloud adoption in 2026.
More than half (57%) of financial services firms are not monitoring threats in real time.
14% of MSSP-supported financial services firms report mature response capabilities.
16% of executives at financial services firms acknowledge that a lack of experienced IT or security staff is a significant weakness that could slow recovery.
20% of MSSP-supported financial services firms say they skip vulnerability assessments.
8% of internal financial services firms report mature response capabilities.
48.54% of IT decision-makers at financial services firms reported that threat detection and security response (MDR, SOC) is currently fully or partially managed by an MSP or MSSP.
60.19% of IT decision-makers at financial services firms reported that cloud infrastructure management (MS 365, Azure, AWS) is currently fully or partially managed by an MSP or MSSP.
48.54% of IT decision-makers at financial services firms reported that data backup and disaster recovery is currently fully or partially managed by an MSP or MSSP.
29.13% of IT decision-makers at financial services firms reported that vulnerability scanning / assessments are currently fully or partially managed by an MSP or MSSP.
37.86% of IT decision-makers at financial services firms reported that attack surface management / continuous monitoring is currently fully or partially managed by an MSP or MSSP.
20.39% of IT decision-makers at financial services firms reported that regulatory compliance support is currently fully or partially managed by an MSP or MSSP.