Finance in Focus
Lead with Clarity
A Sector Under Fire
The phrase 'money makes the world go round' exists for a reason; consequently, the Financial Services & Insurance (FS&I) industry is a primary target for criminals seeking financial gain. As the foundation of the global economy, the sector is equally attractive to ideologically-motivated hacktivists and state-backed actors aiming to trigger disruption, uncertainty, and chaos.
In the UK, FS&I equates to ~9% of the country’s total economic output and is the nation’s fourth largest sector. It therefore also represents a significant target to opportunistic forms of cybercrime, like Cyber Extortion (Cy-X). Indeed, the sector experienced a staggering 71% increase in the number of Cy-X victims from September 2024 to October 2025.
Drawing from our Security Navigator 2026 report, this analysis uses extensive threat intelligence to explore the internal and external forces impacting the sector. Specifically, it examines the tension between the industry's advanced defensive posture and the persistent threats it faces daily.
Download the Finance in Focus ReportWhat can you expect in the report?
- Focused Industry Analysis: A detailed drill-down into data from the larger Security Navigator 2026 report specifically exploring forces impacting the FS&I sector.
- Cyber Extortion (Cy-X) Trends: Observations on the 71% year-on-year increase in Cy-X incidents targeting global FS&I.
- Industry Scorecard: Global data and Security Operations Centre (SOC) client data, including rankings for Cy-X victims and threat detection metrics.
- The Maturity Paradox: An exploration of how advanced defensive capabilities coexist with persistent challenges like legacy technical debt.
- Deep Dives into Threat Profiles: Analysis of external vs. internal actors, hacking trends, and the impact on various assets like servers and end-user devices.
- Systemic Risk Insights: Examination of the "web of interdependence" and how single compromises can trigger cascading failures across the financial ecosystem.
- Expert Perspectives: Commentary from security leaders on industrialised ransomware, state-aligned activity, and the need for collective defense.
- Strategic Recommendations: Seven mitigation recommendations for security leaders to reduce systemic exposure and strengthen resilience.
Research-driven insights to build a safer digital society
- First-hand Operational Data: Insights derived from Orange Cyberdefense's 36 Security Operations Centres and over 3,200 cybersecurity specialists worldwide
- In-depth Threat Landscape Analysis: Data showing that hacking accounts for 50% of FS&I incidents, predominantly driven by intentional external actors.
- Performance Benchmarking: Statistics showing FS&I resolves incidents 35% faster than the cross-industry average, with a Mean Time To Resolve (MTTR) of 26 hours.
- Vulnerability Management Data: Analysis of the age and severity of vulnerabilities, revealing that critical vulnerabilities persist for an average of 278 days.
- Operational Pressure Insights: Research into alert fatigue, noting that 89% of false positives are linked to legitimate everyday activity.
- Supply Chain Interdependence: A case study of the 2023 MOVEit-Zellis compromise to illustrate how third-party flaws impact downstream financial organisations.
- Path to Collective Defence: A concluding call for the sector to evolve beyond individual preparedness toward society-level resilience leadership.
In the UK, financial services are being pressed from both sides: industrialised ransomware crews like Qilin, Akira and Ransomhub on one, and state‑aligned activity, spanning pro‑Russian hacktivists like NoName057(16) to Chinese espionage campaigns on the other.
Scott Walker
Chief Architect at Orange Cyberdefense
Security Navigator 2026 "Finance in Focus"
Get the Report here!
