New research by Deloitte and the Financial Services Information Sharing and Analysis Center (FS-ISAC) highlights three key traits of successful cybersecurity programs, namely:
- Support and involvement of executives and the board.
- Treating cybersecurity and IT as separate departments of equal standing.
- Tying cyber risk management strategy to business strategy.
The research also shows that financial services firms devote between 6% and 14% of their IT budget to cybersecurity, which comes down to between 0.2% to 0.9% of company revenue. While larger firms tend to prioritize identity and access management, smaller organizations usually spend more to protect their networks and endpoints.
Read more: What differentiates the strongest cybersecurity programs from the rest