A new report by Netskope Threat Labs has revealed alarming trends in the financial services industry, showing that over one in ten employees are inadvertently exposing sensitive work-related data through personal applications. This practice contributes to major cybersecurity vulnerabilities, with 74% of policy violations involving regulated personal and financial data, and 11% linked to the leakage of intellectual property.
According to the report, financial workers are using popular platforms like LinkedIn, Facebook, and Google Drive to store and share sensitive information. Notably, generative AI tools like ChatGPT have ranked eighth among the most common platforms involved in these violations, highlighting the risks associated with the growing use of such technology within the financial sector.
The rapid adoption of artificial intelligence (AI) is evident, with 95% of financial institutions now utilizing AI applications. While ChatGPT remains the most frequently used tool, other AI platforms such as Microsoft Copilot, Google Gemini, and Anthropic Claude have also gained significant traction.
The report emphasizes that data breaches related to AI tools are a growing concern, with intellectual property, regulated data, and source code accounting for 35%, 31%, and 30% of incidents, respectively. In response, around 90% of financial organizations are blocking at least one AI application. Furthermore, cybersecurity measures like Data Loss Prevention (DLP) and real-time user coaching are increasingly being implemented to mitigate these risks.
However, social engineering attacks remain a significant challenge, with nearly 1.5% of employees in the financial sector clicking on phishing links or downloading malware each month. Attackers are leveraging platforms like GitHub and Google Drive to distribute malicious software, while Microsoft remains the most commonly mimicked brand in phishing schemes targeting financial employees. Additionally, SEO poisoning has become an increasingly popular method for cybercriminals to manipulate search engine results and deceive employees into downloading malware.
These findings underscore the urgent need for financial institutions to enhance their cybersecurity protocols, educate employees about the risks of using personal apps for work-related data, and improve defenses against AI-related data breaches and social engineering attacks.
Related Topics:
Scotiabank Pullback Signals Global Banking Shift Away From Latin America
Ukraine Raises UAH 6.7 Billion Through Government Bond Auction
Gender Bias in Business Financing: Capital Misallocation and Economic Implications
