2025 Predictions: Where the Smart Money Will Be Spent in Bank Cybersecurity

by

December 20, 2024

Jeremy Pogue headshotBanks are spending more on their IT in 2025, especially on bank cybersecurity. How do we know? We asked.

In our latest Integris special report, Understanding US Banks Annual IT Spend in 2025, we surveyed over 1,000 bank executives in US banks with $3 million to $20 billion in assets. All of them told us the same thing: they were looking to spend more and spend smarter on their IT in the next 12 months. Here are some of the highlights:

  • No bank said they were cutting their IT budget.
  • 88% said they plan to increase IT spending by at least 10% in 2025.
  • 52% felt they needed to spend more on IT despite increased investment.
  • 86% said that cybersecurity was a top concern and their biggest area of budget increases.

As the director of security services here at Integris, it warms my heart to see so many financial institutions “seeing the light” on cybersecurity investment. I have predictions about where that increased budget might be headed in 2025.  Let’s talk about where some of that money might be best spent.

Five Key Opportunities to Harden Bank Cybersecurity Defenses in 2025

Artificial Intelligence is having a tremendous impact on the business world. This is especially true in the cybersecurity industry, which has seen an explosion of new tools that use AI to analyze incoming threats in depth. Security software is getting more innovative and more comprehensive than ever before. Here are some ways we’ll see banks shift their security focus to exploit these new resources.

 

Opportunity #1—Shifting from SIEM to XDR for Threat Detection

Security Incident and Event Monitoring (SIEM) has been standard for years, helping banks quickly find anomalies and malware lurking in the logs for their servers, network devices, and applications. Many SIEM products are now being rolled into larger-scale , which focus on a broader range of security telemetry data, including endpoints, network traffic, and cloud environments. While traditional SIEM systems rely on predefined rules and signatures, XDR uses advanced analytics and machine learning to catch a broader range of threats, including those that are unknown or emerging.

This has some real advantages for banks, including:

  • Reduced Alert Fatigue—eliminating the high volume of false positives from SIEM and replacing them with more accurate, contextualized alerts
  • Comprehensive Visibility—integrating data from multiple sources so you have a more holistic view of incoming threats.
  • Improved Response Capabilitiesthat not only detects threats but also automates and orchestrates responses across different security layers.
  • Scalability and Flexibilitywith scalable, cloud-native applications making them easier to deploy and manage than traditional SIEM systems.

 

Opportunity #2—Moving from Virtual Private Networks (VPN) to Secure Web Gateways to Improve Bank Cybersecurity

 

Virtual Private Networks (VPNs) protect end users from the network server, providing a secure working network channel for employees, whether they’re in the office or away. VPNs are a key security measure, but they have been eclipsed recently by the emergence of Security Web Gateways (SWGs).

SWGs stand between users and the entire internet, not just their company network connection. They inspect all web traffic for users, analyzing it for threats and policy violations. They enforce company security policies by blocking or allowing traffic based on pre-defined rules you set. They’re flexible and can be deployed as on-premise appliances, cloud-based services, or software applications.

A Secure Web Gateway bundles several capabilities into one intelligent tool, including:

  • URL Filtering— to block malicious or inappropriate websites
  • Anti-malware—that stops malware from being downloaded or executed
  • Data loss prevention—to prevent sensitive data from being leaked or stolen
  • Content filtering—that blocks out harmful or non-compliant material

We’re recommending this step up in security to all the financial institutions we work with.

 

Opportunity #3—Upgrading to Cloud Access Security Brokers

 

For our clients with employees using extensive cloud-based apps, adding a Cloud Access Security Broker (CASB) is generally money well spent. While a secure web gateway works on all internet traffic, a CASB is an intermediary between users and cloud service providers. This ensures data protection and security policies are enforced when employees use cloud-based applications.

A CASB can provide comprehensive protection for your data in the cloud. Its analysis can offer detailed insights into your cloud usage and potential risks. Regulators love it, too, because it ensures your cloud usage is fully compliant. It’s a good investment and a gold standard for cloud security coverage.

 

Opportunity #4—Better Security Awareness Training Programs for Employees

 

By now, most community banks and credit unions offer some training for their employees, including cybersecurity awareness. Yet, many aren’t taking advantage of the more sophisticated training options available.

With today’s online SAT programs, keeping your employees updated about the latest hacker tactics has never been easier. Most online programs are comprehensive, interactive, graded, and fully monitored. Best of all, they are plug-and-play. Simply sign up for a training license for each employee. Each month, short training lessons arrive automatically in your employee’s inbox.

The best programs scale based on the number of employees you have and offer:

  • Short, engaging video lessons that take just minutes a month
  • Graded reports that show an employee’s progress and test scores
  • Completion certificates that are automatically uploaded to employee HR profiles
  • Automated report generation that can be shown as proof of your best practices to cyber risk insurers and banking regulators
  • Training content that changes based on cybersecurity headlines in the news and new hacker tricks

Training programs like these are surprisingly affordable and easy to implement. This is one area where it truly doesn’t make sense to skimp.

 

Opportunity #5—Evaluating Gaps in Your Cyber Risk Insurance

 

Bank regulators require cyber risk insurance policies. They play a critical role in protecting your bank from devastating losses from data breaches. Yet, many banks don’t understand the fine print in their policies and end up with significant gaps in their coverage.

Every year, it’s good practice to sit down with your insurance broker to evaluate whether your policy is still the right size and scope for your growing organization. The devil is in the details when it comes to cyber risk insurance policies. In addition to data breach losses, make sure you have a policy that covers you in these key areas:

  • Third-party risks—like the CrowdStrike outage, where losses occur when transactions are stopped or compromised because of problems with a third-party vendor
  • Regulatory fines and penalties—imposed by regulatory bodies, which many policies exclude- can be substantial in the financial sector.
  • Reputational damage—that can come from business losses after breaches and the period it takes to come back from loss of customer trust
  • Advanced Persistent Threats—including coverage for sophisticated, long-term cyberattacks that infiltrate networks over time
  • Policy Exclusions—such as acts of war or terrorism and other limits on coverage amounts that can expose banks to significant business losses.
  • Incident Response Costs—which are often not covered, such as legal fees, public relations efforts, and customer notification expenses.

There’s always room to improve the alignment between your cyber risk policies and your institution’s growth and security goals. Now is the time to examine your entire cybersecurity operation more closely and harden your defenses.

 

Want to Find Out More about Bank Cybersecurity Spending in 2025? Download our Latest Free Report!

understanding US Banks IT Spend for 2025

 

 

 

Jeremy Pogue serves as Director of Security Services at Integris.

Keep reading

The Regulatory Outlook for 2025 and What That Means for Banking IT

The Regulatory Outlook for 2025 and What That Means for Banking IT

With a new administration coming in, 2025 promises to be a year of change. But will it significantly impact banking regulation and your bank’s cybersecurity? No one has a crystal ball, of course, but recent global outlooks for the banking industry seem to point to two...

The Role of Cybersecurity in IT Support for Law Firms

The Role of Cybersecurity in IT Support for Law Firms

When it comes to hiring IT support for law firms, too many practices are stopping short of making the cybersecurity investments they need. In fact, according to the American Bar Association Tech Report, nearly half of all firms are missing one or more of the key...