Financial services firms are among the most cyber-mature, yet they face dangerous operational delays, rising AI risk, and a crisis of confidence in security tooling, according to the cyber security firm Bridewell. The firm notes that financial services reports the slowest incident response times of any sector. On average, firms take nearly 24 hours to respond to data theft incidents, longer than any other CNI (critical national infrastructure) sector, despite attackers often exfiltrating sensitive data within minutes of gaining access, the cyber firm points out.
Cyber attacks remain near-universal. Some 93pc of financial services firms surveyed experienced a cyber incident, whether involving ransomware, supply chain attacks, employee sabotage, data theft or leakage, physical security breach, malware, phishing/BEC, unauthorised system access, social engineering, DDoS, or outdated software or unavailable patches for legacy equipment.
Costs
When attacks succeed, the fall-out is broad and costly, according to the company. IT disruption or outages are the most commonly reported consequence (49 per cent), followed by loss of revenue from downtime (36pc) and increased cyber security budgets (32pc). Notably, the psychological impact on employees also ranks highly at 31pc, a reminder that the human cost of cyber incidents extends well beyond the balance sheet.
AI cyber risk and data protection have become the two most cited concerns in finance; some 42pc of respondents flag AI risk and 40pc cite data protection, as firms race to govern how human users and AI systems interact with sensitive data, Bridewell remarks.
Sam Thorton, Chief Operating Officer of Bridewell, said: “Financial services organisations are among the most advanced in terms of cyber security maturity, but this maturity does not necessarily translate into resilience. The findings highlight a sector that understands the risks it faces and has invested heavily in controls, but is still constrained by complexity, process and the pace of change. The most significant challenge for 2026 is not identifying risk, but responding to it quickly and effectively.”
AI control
Meanwhile, use of generative AI is widespread but control is still catching up, according to Netskope Threat Labs. The arm of the platform suggests that data is now at risk of being exposed not only through obvious GenAI prompts or uploads, but also through AI features operating inside normal workplace tools. Gianpietro Cutolo, Cloud Threat Researcher at Netskope Threat Labs, says: “Organisations are increasingly shifting away from personal AI tools toward managed environments, yet regulated data continues to dominate policy violations, showing where the real risk still sits. As AI becomes embedded into everyday workflows rather than used as a standalone tool, the challenge is no longer adoption, but maintaining visibility and control over sensitive data flowing through increasingly complex and connected systems.”




