During an era of rising cybercrime, we asked C-Suite executives how confident they are in their organization’s ability to protect itself from cyber fraud. Our Cyber Fraud Index Score represents the percentages who answered “Very Confident” or “Confident”.
With cybercrime on the rise, Webster Bank wanted to better understand how business leaders are feeling about the risks they face, and how they’re protecting their organizations.
So we fielded an exclusive, intensive market study to dive into the matter, and asked questions designed to:
Nothing’s more important to Webster than the success of our business customers. And we know a big part of that depends on security. So let’s take a closer look at the insights we discovered in our Cyber Fraud Index survey.
Only 11% of our respondents were “very confident” in their organization’s ability to protect itself from cyber fraud.
An Executive Summary Of Our C-Suite Survey.
Our Cyber Fraud Index uncovered many interesting statistics, but a few insights stood out when stepping back and looking at the bigger picture. As you analyze our results in the following pages, keep an eye out for the following themes and potential conflicts:
Many C-Suite leaders identified third-party vendor risk as one of their top cybersecurity concerns, yet 6 in 10 still depend on third-party IT providers and consultants to protect their organizations from cyber fraud.
91% of C-Suite executives report having a cybersecurity plan in place, but more than half also feel their cybersecurity budget is insufficient. This suggests that many executives want to do more to protect against cyber fraud but lack the funds.
Many respondents have defenses like firewalls and multifactor authentication in place, but only about half have established a cybersecurity advisory council or a similar group to provide strategic guidance and governance on new and emerging threats.
92% of the executives we surveyed rely on internal IT resources as their primary line of defense, but less than half are fully confident in their organization’s cybersecurity measures.
The C-Suite leaders who responded expressed a desire for banks to take a more active role in cyber fraud protection, but 40% are neutral or unsatisfied with what their banks offer them.
The majority of respondents rely on internal IT resources, but also call upon outside resources, despite concerns over third-party risks.
What are the biggest cyber fraud risks facing your organization?
In their answers, common themes emerged: third-party risks, phishing, social engineering and ransomware. Artificial intelligence was also mentioned as a growing risk.
“Recently, largest risks appear to be with effective identity management, as well as third-party risk for subcontractors.”
“The phishing emails to the finance people pretending to be their bosses asking to transfer money.”
“Customer data loss, reputation loss, ransomware attacks, service disruption.”
The executives we surveyed are most concerned with phishing, ransomware and the theft of their customers’ data. Theft of organization data and malware were also top concerns. We asked executives what they were most concerned with in terms of the impact of cyber fraud. Many were worried about their company’s reputation and customer trust.
When asked to choose from various statements related to cybersecurity and cyber fraud, many C-Suite leaders said they had cybersecurity plans, but still worried about risks.
Note that while few executives feel that cybersecurity issues are out of their control, more than half don’t think their cybersecurity budget is adequate.
63% of executives we surveyed reported experiencing cyber fraud one or more times in the past two years.
Number of times a company has been a victim of cyber fraud:
51% of respondents reported losses between $10,000 and $500,000 from their most significant cyber fraud incident, while 11% reported losses exceeding $1 million.
What are the most valuable steps your organization has taken to prevent or minimize cyber fraud?
Many answered with training and education for their employees, as well as using third-party vendors — despite many being concerned by third-party risks. Multifactor authentication (MFA) and zero-trust architecture were also frequently mentioned.
Almost all executives restrict employee access to data and information and require passwords and regular password changes. 3 out of 4 have hired employees who focus on cybersecurity.
Two-factor authentication and firewalls are the most common cybersecurity approaches taken. Only half of respondents have established an advisory council to address cyber fraud issues.
Is there any other cybersecurity support you wish your bank would offer?
The C-Suite leaders we surveyed said they’d like their business bank to be more proactive in monitoring and sharing alerts. Others want more insights into their bank’s policies on cybersecurity and cyber fraud, as well as auditing and consulting services.
“Peace of mind and added security free of charge, proactive monitoring.”
“I would like them to provide more details on how they are protecting us and their customers from cyber fraud.”
“A real-time page where we can monitor our data, accounts and money.”
Nearly two-thirds of respondents said their bank offers fraud protection services. 20% weren’t sure.
Nearly all executives confirmed that their bank offers fraud monitoring services and MFA. Only 59% said their bank offers positive pay services.
60% of C-Suite leaders were satisfied or very satisfied with their bank’s cybersecurity support, but 40% were either neutral or unsatisfied.
Our recommendations for executives, based on the insights revealed in our research:
These steps can help you both minimize immediate cyber fraud risks and build a forward-looking, resilient cybersecurity infrastructure that’s more able to evolve alongside emerging threats.
Webster Bank offers proactive support tailored for our banking partners. Visit our Resources page today to see how we can help you and explore exclusive reports and intelligence from our cybersecurity experts.
The opinions and views herein are for informational purposes only and are not intended to provide specific advice or recommendations. Please consult professional advisors with regard to your situation.
Find a banking center or ATM
Contact us