Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Financial Firms Spend $2,300 Per Employee Attempting to Address Cyber Security Concerns

    deloittelogo

    A new joint study by Deloitte and the Financial Services Information Sharing and Analysis Center highlights the budget impacts establishing and maintaining cybersecurity.

    There is no greater threat to an organization’s livelihood than a highly-publicized and costly cyberattack. Data breaches, data held ransom, and wire fraud can cost organizations millions of dollars in remediation costs – and additional costs stemming from the loss of customers, consumer trust, etc.

    So, it’s important for organizations to dedicate an appropriate amount of budget to address cybersecurity concerns. According to the Pursuing Cybersecurity Maturity at Financial Institutions study put out by Deloitte, financial institutions spend a tremendous amount on a per-employee basis ($2300), but it may not be enough.

    According to the report, the average spend dedicated to cybersecurity as a percentage of revenue is 0.36%, just 10% of the overall IT budget. This translates to an IT budget (as a percentage of revenue) of just 3.6%.

    According to a 2017 Deloitte study, Technology Budgets: From Value Preservation to Value Creation, the Banking and Securities vertical spent 7.16% of revenue on IT. That’s represents a significant drop in IT (and, therefore, cybersecurity focus).

    Deloitte encourages organizations (financial and otherwise) to work towards an adaptive level of cybersecurity maturity (as defined by NIST) and offers these three characteristics of adaptive organizations:

    • They secure leadership and board involvement – this is critical, as Deloitte has previously pointed out that CEOs and Boards are unprepared for cyber risk.
    • They align cybersecurity more closely with business strategy – keeping security in focus as businesses adopt new technology and digitally transform is key to growth while reducing risk.
    • They raise cybersecurity’s profile within the organization beyond IT – creating a security culture is necessary for the thriving of the modern-day business. Organizations utilizing Security Awareness Training elevate a user’s understanding of why cybersecurity is necessary, what their role is in it, and how to maintain productivity and organizational security simultaneously.

    While financial organizations are spending what appears to be a tremendous amount of budget per employee on cybersecurity, the reality is they need to be doing more to fend of attacks that will do more damage per employee than just $2300.

    Find out how affordable new-school security awareness training is for your organization. Get a quote now.

     
    Get A Quote
    Request A Demo
     

     

    Return To KnowBe4 Security Blog

    Topics: Cybersecurity

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews