IBM: What are Financial Services Doing About Cyber Attacks?

IBM headquarters in Canada. Credit: Getty/ JHVEPhoto
Sebastian Weir from IBM explores how AI is transforming cybersecurity within the finance sector, focusing on both defensive and offensive capabilities

Banking and fintech are no strangers to cyber attacks, with reports such as one by Check Point Software stating that cyber incidents are doubling – from 864 in 2024 to 1,858 in 2025.

IBM has recently revealed that Europe was the third most targeted region in 2025 by bad actors, with the finance and insurance sector leading with 39% of incidents. 

Threat actors are using AI to scale up their attacks.

Simultaneously, the weaknesses in AI systems that enterprises use are becoming exploitable pressure points. 

This is particularly relevant as banks, like all other companies, are rapidly integrating AI into their operations.

In this Q&A, Sebastian Weir, Executive Partner, AI, Analytics and Automation Practice Leader (UKI) at IBM, explains how banks and financial institutions can tackle the risks and create a strong plan of defence and offence. 

Which weaknesses make financial institutions most vulnerable to cyberattacks?

The weaknesses that cause the most damage in financial institutions are often surprisingly simple.

A lot of breaches still come down to misconfigured public-facing apps, weak authentication or unpatched systems, the kinds of gaps attackers can spot instantly with automated tools.

Identity issues are another big one, especially as criminals increasingly go after credentials rather than trying to break through hardened infrastructure. People remain a major pressure point, too.

Why is cloud resilience critical for financial services security?

Cloud resilience has become central to mitigating risk and providing a continuous service.

Banks rely heavily on the cloud to run everything from payments to mobile apps to trading platforms, so even a short outage can disrupt services, frustrate customers and open organisations up to further attacks.

We’ve already seen cases where a single misconfigured storage bucket exposed sensitive data or where a cloud provider outage caused widespread downtime across multiple banks.

A lot of breaches still come from basic issues: weak identity controls, misconfigured access or unpatched cloud systems. That’s why regulators are pushing firms to prove they can absorb shocks, recover quickly and avoid relying too heavily on any one provider.

Cloud resilience isn’t just about uptime – it’s about ensuring the financial system keeps functioning smoothly even when something unexpected happens behind the scenes.

How can AI projects introduce hidden vulnerabilities in banking systems?

AI introduces risks that aren’t always immediately obvious.

Training data is a major one – if it’s biased, incomplete or poorly governed, those flaws inevitably show up in the model and can lead to unfair or non-compliant outcomes.

It’s a reminder of just how quickly these tools are evolving and how easily issues can scale.

Complex models create another challenge – opacity.

When even developers can’t fully explain how a system reaches its decisions, managing risk or satisfying regulators becomes far more difficult. And every new AI deployment adds integrations, APIs and data flows that expand the attack surface.

Without strong governance and security-by-design principles, AI projects can unintentionally open new pathways into critical systems.

How should UK banks design AI systems with security in mind?

Security needs to be baked in right from the start. That means setting clear governance principles, defining accountability and ensuring ethical considerations are built in early. 

Banks are increasingly stress-testing AI models before launch, using red-teaming to uncover weaknesses and understand how systems behave under pressure.

Once a model goes live, continuous monitoring becomes essential because AI can drift or react differently as data changes.

Access controls, secure development practices and model-level protections all play a role.

When done well, this approach doesn’t slow innovation; it creates a safer foundation for it.

One convincing phishing email can still give an attacker everything they need. And then there’s the supply chain, which has become a much bigger concern.

We’ve seen a four-fold rise in large third-party compromises since 2020, driven by attackers exploiting trust relationships and weaknesses in CI/CD pipelines, SaaS integrations and open-source components.

With AI-powered coding tools speeding up development and occasionally introducing unvetted code, that pressure is only increasing.

Banks rely on hundreds of vendors, so a single weak link can open the door. Getting the basics right internally and keeping a close eye on third-party partners is essential.

What role does traceability play in securing AI in finance?

Traceability is the absolute backbone of trustworthy AI in finance.

It provides a clear record of where the data came from, how the model was built, what’s been changed over time and why it produces certain outcomes.

In a regulated industry, that level of transparency isn’t optional. When a customer challenges a decision or a regulator asks for evidence, traceability allows banks to explain the model’s reasoning with confidence.

It’s also essential for diagnosing issues. If a model suddenly behaves strangely, an audit trail helps teams pinpoint whether the problem stems from new data, a code update or something deeper in the algorithm.

As AI becomes more embedded in critical systems, traceability ensures banks can maintain control, accountability and trust.

What’s the future of AI security for UK banking and fintech?

The future is shifting toward proactive, baked-in security.

As AI becomes embedded in everything from fraud detection to customer interactions, security-by-design will become standard practice, driven by regulation and the pace of emerging threats.

We’ll see a more deliberate partnership between humans and AI, where automation handles monitoring and pattern-spotting while humans focus on judgment and oversight.

Collaboration will matter more than ever. Banks, fintechs, regulators and technology providers will need to share intelligence and align on best practices to stay ahead of fast-moving risks.

And as AI models themselves become targets, investment in model-level security, traceability and continuous monitoring will grow. The organisations that thrive will be the ones that treat security as a foundation for innovation, not a barrier.
