Cyberattacks cost financial services firms more money than any other sector in 2017, averaging $18.28 million per firm.
But it’s not the cost of recovery that firms are spending the most money on. It’s actually the price tag to detect threats that is the most burdensome, according to a recent study.
Through more than 2,000 interviews with 254 financial services firms, a study by Accenture and the Ponemon Institute found that detection accounted for 41 percent of internal costs, or the expenses a firm bears for itself rather than, say, damages paid to customers as a result of a cyberattack. That’s far more than other cost categories.
The next costliest activity was the recovery process after a cyberattack (19 percent), followed by containment (16 percent), investigation (13 percent) and incident management and ex-post response (11 percent).
Although the cost of cybercrime for financial services firms was up 9.6 percent from 2016, technology might be a source of relief.
Accenture and the Ponemon Institute also asked financial services firms to order security technologies according to what they spent on them and then again by cost savings. Using the results, researchers identified areas where firms could reallocate money and improve effectiveness while maintaining or reducing their expenses.
The study found two technologies that could help: The first is artificial intelligence-based computing that allows for jobs to be automated. The second is more sophisticated use of analytics. Although those two showed to add value, only small percentages of firms were actually using them.
Only 31 percent of financial services firms interviewed were using analytics extensively and just 26 percent were using AI-based technologies, the study found.