Team Cymru Releases Comprehensive Report on Banking Digital Risk Landscape, Illuminating Third-Party Risk

LAKE MARY, Fla., November 14, 2023 (Newswire.com) - Team Cymru, a global leader in external threat intelligence and digital risk management solutions, today announced the release of its "Digital Risk Landscape Report." This in-depth analysis of nearly 60,000 assets from five major banks across the globe explores the multifaceted dimensions of digital risk in the banking sector, with a particular focus on the escalating threats from third-party engagements.

Updates to Regulatory Compliance with severe financial consequences is putting huge emphasis on managing digital assets, including third parties. U.S. banks are proactively investing in technology to enhance customer value, streamline internal processes, and maintain a competitive edge. With investments expected to reach nearly $112 billion by 2026, this pattern of spending also has a global trend. As each organization's digital footprint expands across the globe, it also expands to thousands of third-party vendors. 

With increased scale and business opportunity comes increased risk exposure. Unfortunately, many financial institutions may not even be aware of the risks they harbor until after an incident occurs, underlining the critical importance of proactive risk identification and mitigation. 

"Financial institutions are at a crucial crossroads, navigating a digital ecosystem that offers immense opportunities but also presents unprecedented risks," said David Monnier, CIO at Team Cymru. "Our report assessed the digital landscape of five major banks to better understand their risks today, especially when using third-party platforms. What we found confirmed our assumptions that financial institutions are indeed vulnerable to attack because of third-party risk. We hope that both executive leadership and cybersecurity practitioners will take away from the report a better idea of the risks banks face by simply doing business in an online, digital world, and what can be done about those risks.”

The Digital Risk Landscape Report examines key areas including risk severity, the most common vulnerabilities and their business impact, top vulnerabilities by bank, and guidance on how banks can proactively address these issues. 

The report uncovers critical findings, including:

Key Findings

• Overall Risk Exposure: Nearly 1% of all digital assets contain vulnerabilities, yet for some banks, over 7% of their assets contain exploitable vulnerabilities. 
• Vulnerabilities Severity Distribution: 68% of identified vulnerabilities had a severity level of 5.00 or higher. 
• Breach Exposure for Large Banks: Our research uncovered multiple critical vulnerabilities, consisting of many unique vulnerabilities. 
• Third-Party Platform Vulnerabilities: 75% of vulnerabilities are associated with third-party platforms. 
• Common Risks Among Global Banks: Amazon, LG Uplus, NTT, and Alibaba are among the third-party platforms with the highest number of vulnerabilities.

The report marks the first in a series of in-depth risk landscape analyses that Team Cymru is set to develop across various industries, including healthcare, airlines, and retail. These reports are developed using data from Pure Signal Orbit™, Team Cymru’s attack surface management platform, the world’s largest data ocean of threat intelligence and digital assets information. Assets were scanned for one week, ensuring the most complete picture of asset information and vulnerabilities could be achieved. The starting point for the five research candidates used their Top Level Domain (e.g., bank.com), and extended outwards to their entire attackable surface, including third parties. To qualify as a candidate, each financial institution had to be within the top five annual revenues for their specific geographic region. No names have been used to ensure anonymity.

To read "The Digital Risk Landscape: A Report on Top Financial Institutions & Third-Party Risk," please visit https://www.team-cymru.com//digitalrisklandscapefinancial.

About Team Cymru 

Since 2005, Team Cymru’s mission has been to Save and Improve Human Lives by working with security teams around the world, enabling them to track and disrupt the most advanced bad actors and malevolent infrastructures. The company delivers comprehensive visibility into global cyber threats and is the key source of threat intelligence for many cyber security and threat intelligence vendors. Enterprise security teams rely on the Pure Signal™ platform to close detection gaps, accelerate incident response, and detect threats and vulnerabilities across entire enterprises and third-party ecosystems. Its Community Services division provides no-cost threat detection, alerting, DDoS mitigation, and threat intelligence to more than 140 CSIRT teams across 86+ countries. For more information, visit https://team-cymru.com/.

Source: Team Cymru