International Cyber Expo International Cyber Expo
  • About Us
Friday, 17 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

KnowBe4 Report Reveals Global Financial Sector Faces Unprecedented Cyber Threat Surge

Research shows financial institutions experience up to 300 times more cyberattacks than other sectors, with large banks reporting 45% of employees susceptible to phishing attacks

by The Gurus
August 27, 2025
in Uncategorized
Ransomware Payment Bans: Prevention Strategy or Misguided Policy?
Share on FacebookShare on Twitter

KnowBe4, the human risk management cybersecurity platform, has released its latest research paper “Financial Sector Threats Report,” uncovering critical insights into the escalating cybersecurity crisis facing the global financial sector. The report shows that financial institutions face a perfect storm of AI-enhanced attacks, credential theft and supply chain vulnerabilities that pose systemic risks to the global financial industry.

The research reveals almost all (97%) of major U.S. banks experienced third-party breaches in 2024, while targeted intrusions against financial institutions increased by 109% year-over-year. Most concerning, tests in large financial institutions found that nearly 45% of employees were likely to click on a malicious link or download an infected file, creating entry points for threat actors. The report highlights how threat actors are leveraging AI tools like FraudGPT and ElevenLabs to create more convincing phishing campaigns, while simultaneously moving away from traditional ransomware encryption toward data exfiltration and multi-stage extortion schemes. This evolution allows attackers to use legitimate credentials, making detection significantly more challenging. According to Federal Reserve Bank of New York Staff Reports, even a single day’s disruption in payments by major banks could affect 38% of network banks globally.

Key findings from the report:

●      Financial service firms globally experience up to 300 times more cyberattacks annually than other industries, with a 25% year-on-year increase in intrusion events for 2024.

●      97% of the largest U.S. banks suffered third-party breaches in 2024, while 100% of Europe’s top financial firms suffered supplier breaches, highlighting vulnerabilities in vendor ecosystems.

●      Analysis of over three million dark web posts shows stolen credentials far outpace credit card theft; infostealer infection attempts increased 58% in 2024 and 68% of attacks originating from email.

●      The U.S. accounts for 60% of all ransomware attacks against financial institutions, with the U.S. and U.K. together representing over 70% of attacks, with increasing activity targeting emerging markets in South Asia and Latin America.

●      Large financial institutions show 44.7% Phish-proneTM Percentage (PPP) rates initially, but comprehensive security awareness training reduces phishing susceptibility to below 5%.

“Adversaries are gaining an advantage against the financial sector,” said James McQuiggan, security awareness advocate at KnowBe4. “Traditional defenses are no longer sufficient and threat actors discovered stealing valid credentials is more effective than ransomware because it allows them to move undetected. The battle comes down to the human level. Financial institutions must prioritize human risk management to close this critical security gap.”

Download the full KnowBe4 report “Financial Sector Threats: The Shifting Landscape” here. 

About KnowBe4

KnowBe4 empowers workforces to make smarter security decisions every day. Trusted by over 70,000 organizations worldwide, KnowBe4 helps to strengthen security culture and manage human risk. KnowBe4 offers a comprehensive AI-driven ‘best-of-suite’ platform for Human Risk Management, creating an adaptive defense layer that fortifies user behavior against the latest cybersecurity threats. The HRM+ platform includes modules for awareness & compliance training, cloud email security, real-time coaching, crowdsourced anti-phishing, AI Defense Agents, and more. As the only global security platform of its kind, KnowBe4 utilizes personalized and relevant cybersecurity protection content, tools and techniques to mobilize workforces to transform from the largest attack surface to an organization’s biggest asset. More info at knowbe4.com.

Follow KnowBe4 on LinkedIn and X.

Tags: cyberattackcybersecurityTechnology
ShareTweet
Previous Post

KnowBe4 Finds Top Cybersecurity Risk is Employee Distraction, Not Threat Sophistication

Next Post

Keeper Security Launches KeeperAI

Recent News

AI Appreciation Day: Security Leaders Say the Celebration Needs an Asterisk

AI Appreciation Day: Security Leaders Say the Celebration Needs an Asterisk

July 16, 2026
Q&A: Businesses Are Running Out of Time to Prepare for the Quantum Threat, Warns Moona Ederveen-Schneider

Q&A: Businesses Are Running Out of Time to Prepare for the Quantum Threat, Warns Moona Ederveen-Schneider

July 15, 2026
Proton Launches Business Continuity Service to Keep Firms Communicating Through Outages

Proton Launches Business Continuity Service to Keep Firms Communicating Through Outages

July 15, 2026
Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

July 14, 2026

Eskenzi PR banner ad

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol