The following is an excerpt from an article published in FinTech Magazine, featuring insights from our e-book, “The Financial Leader’s Guide to Cyber Resilience.”

Orion Innovation highlights rising security costs, workforce shortages and regulatory deadlines as FIs struggle to balance AI innovation with compliance.

Financial institutions are confronting breach costs that average US$5.56m, some 25% above the global figure of US$4.44m recorded in 2025, according to IBM’s Cost of a Data Breach Report cited by Orion in its guide to cyber resilience.

The disparity reflects the sector’s particular vulnerability as AI-driven systems take on critical roles in lending decisions, risk assessment and transaction processing.

The financial impact arrives alongside compressed regulatory timelines that are reshaping how institutions respond to security incidents.

Securities and Exchange Commission rules now require public companies to file Form 8-K Item 1.05 within four business days of determining an incident is material, forcing legal and security teams to coordinate responses at unprecedented speed.

This pressure intensifies as the European Union’s Digital Operational Resilience Act, which took effect on 17 January 2025, mandates that firms maintain detailed registers of ICT third-party arrangements for supervisory use.

Payment Card Industry Data Security Standard version 4.0 adds further complexity with requirements taking effect on 31 March 2025.

The standards move client-side script governance and payment-page tamper detection into mandatory territory, reflecting a fundamental shift in where financial institutions must now focus their defensive efforts.
