CFDs are complex instruments and come with a high risk of losing money rapidly due to leverage. 75% of retail investor accounts lose money when trading CFDs with this provider. You should consider whether you understand how CFDs work and whether you can afford to take the high risk of losing your money.
US English

Cybersecurity in Fintech: Challenges and prospects

By Angela Barnes

Edited by Alexandra Pankratyeva

17:44, 15 February 2022

internet security and data protection concept, blockchain and cyber security
Cybersecurity in Fintech: Challenges and prospects – Photo: Shutterstock

Financial service providers are prime targets for criminals as the financial technology (fintech) sector continues to expand. According to Global FinTech Market 2021, the sector was valued at $7.3bn in 2020 and is projected to grow at a CAGR of 26.87%, reaching $31.5bn by 2026.

Data from IBM Security research showed that finance and insurance topped the list of industries attacked by criminals in 2020. Cybersecurity is key to protecting information.

"Cybercrime is the ultimate evolution of financial crime,” Barnabe Robinson, head of risk practice for VentureStep, part of The Conexus Group, told “On the one hand, it facilitates organised criminal activities on an industrial scale with substantially reduced risk. On the other, it has spawned a new breed of opportunist criminal. An extensive range of malware is openly bought, sold and traded on the not-so-dark web. For $5,000 a would-be criminal can purchase malware promising earning potential of $10,000 a week alongside tech support and online tutorials." 

Craig Goodwin, founder of global cybersecurity firm, told more about the importance of cybersecurity, identified the biggest financial cyber risks in the financial sector.

Importance of financial cybersecurity

Peter Firstbrook, VP Analyst at Gartner, said: “Over the past two years, the typical enterprise has been turned inside out. As the new normal of hybrid work takes shape, all organisations will need an always-connected defensive posture and clarity on what business risks remote users elevate to remain secure.”

IBM highlighted that the threat of reputational loss due to sensitive data being leaked has the potential to cause significant damage to a business and its customers, which could lead to legal cases and hefty regulatory fines in addition to the costs of a lengthy recovery.

“When ransomware attackers publicly disclose sensitive data on leak sites, these breaches are often picked up by press, further adding to the reputational harm associated with these attacks. X-Force analysis of public breach data indicates that ransomware-related data leaks made up 36% of public breaches in 2020,” IBM said.

Experts at Deloitte pointed out that financial crime remains a trillion dollar issue, despite significant investment in detection, prevention and deterrence capabilities.

“Criminals are becoming increasingly sophisticated in their use of technology to perpetrate financial crime, finding and exploiting loopholes in our financial system and leveraging emerging technologies such as new payment platforms and cryptocurrencies to conduct complex, multi-layered transactions that are increasingly difficult to detect and trace,” the consultancy firm said.

Identifying the top fintech trends in 2021, consultants KPMG found that the importance of cyber security is crucial.

“Given the rise in digital transactions and the subsequent rise in cyberattacks and ransomware, cybersecurity is a focus area for investors, particularly corporates. In addition to threat security, fraud management, KYC [know your customer], and passwordless security will gain increasing attention from investors,” KPMG said.

Speaking of fintech and cybersecurity, Goodwin added: “As a cybersecurity professional, I will always say that cyber is important for any business but I think the financial services sector is where it really hits home. It is genuine money in people’s pockets ….it is taking money out of people’s pockets… that everyone will feel.” 

Cybersecurity in fintech: Top trends 

Goodwin also highlighted some key cyber threats based on requests from clients within the fintech cybersecurity sector.

Craig Goodwin, the founder of global cybersecurity firm

Goodwin said financial related scams like SMS texts are another common cyber threat with more and more of his customers reporting such scams

IBM’s X-Force Threat Intelligence Index 2021 noted that ransomware attacks are the number one threat, representing 23% of security events:

“Ransomware attackers increased the pressure to extort payment by combining data encryption with threats to leak the data on public sites. The success of these schemes helped just one ransomware gang reap profits of over $123m in 2021, according to X-Force estimates.”

The top two ransomware types observed by IBM’s X-Force in 2020 included Sodinokibi and Nefilim – both blended data theft with ransomware attacks.

“Additional ransomware types frequently seen by X-Force were RagnarLocker (7%), Netwalker (7%), Maze (7%), Ryuk (7%) and EKANS (4%), while the remaining 42% of ransomware attacks were comprised of small samples of other types such as Egregor, CLOP, Medusa and others,” IBM said.

The report highlighted that data theft had increased 160% since 2019, and server access had increased 233%. It also said that nearly 36% of server access attacks observed in 2020 targeted the finance and insurance sector.

Data from IBM Security research showed that finance and insurance topped the list of industries attacked by criminals in 2020. Cybersecurity is key to protecting information.

Top cyber attack trends in 2020

Biggest challenges and prospects of cybersecurity solutions

When it comes challenges, Goodwin explained that financial services are prime targets because real money is there: 

“It is not just traditional approaches to take personal data, with financial services there’s things like fraud or extortion that allow you to get more bang for your buck if you are a cyber attacker or hacker.


0.62 Price
-2.120% 1D Chg, %
Long position overnight fee -0.0753%
Short position overnight fee 0.0069%
Overnight fee time 21:00 (UTC)
Spread 0.01168


2,359.17 Price
-1.620% 1D Chg, %
Long position overnight fee -0.0195%
Short position overnight fee 0.0112%
Overnight fee time 21:00 (UTC)
Spread 0.31


64,925.75 Price
-1.800% 1D Chg, %
Long position overnight fee -0.0616%
Short position overnight fee 0.0137%
Overnight fee time 21:00 (UTC)
Spread 106.00


19,049.70 Price
-0.210% 1D Chg, %
Long position overnight fee -0.0263%
Short position overnight fee 0.0041%
Overnight fee time 21:00 (UTC)
Spread 1.8

“In the early days, it was really easy to see the reputational damage associated with that. Or the other flip side was that the hackers got incredible notoriety as a result of hacking or getting access or monetary gains from well known financial institutions. On top of that, you have nation states too targeting financial operations for political reasons and commercial espionage reasons.” 

Goodwin said the explosion in digitalisation of financial institutions in the last few years has amplified the issue.

“Exposure to the internet, fintech and crypto is all taking off. This means that the number of attack angles and the areas to exploit financial institutions just gets exorbitantly bigger every day - and we have seen that from the RobinHood hack last year, from OpenSea NFT platform hack more recently. With increasing digitalisation, the number of cyber attacks will continue to grow,” he said.

He also explained that it’s hard for those trying to protect institutions to keep up with the tools used to carry out hacking attacks. This puts financial institutions on the back foot. They having to spend a lot of money to protect themselves.

Goodwin said that the ability to have solutions based on outcomes is really important: 

“For ten, fifteen, twenty years, the industry has struggled with a fragmented market place and it is difficult for end users and businesses to understand the market for cybersecurity and what they should buy to protect themselves. Venture capitalists have focused on where they will make money out of cybersecurity tools as opposed to what actually protects the customer. As the end user, in this case, financial services institutions, are getting more educated and knowledgeable about their own protection, they are demanding more from their vendors, not just a compliance tool that ticks a box but something which gives real world protection.
“Despite the fact that there are thousands of different security vendors, hacks still continue to happen. As an industry, we need to do more to protect end users.”

Investing in cybersecurity: Top IT security stocks by market cap

On the day of writing (15 February 2022), the five largest cybersecurity stocks by market capitalisation included Palo Alto (PANW), Fortinet (FTNT), CrowdStrike (CRWO), Zscaler (ZS) and Cloudflare (NET) according to CompaniesMarketCap.

Top IT security companies by market cap

US-based Palo Alto Networks (PANW) topped the list with a market capitalisation of 51.40bn and a share price of $521.02.

Following Palo Alto was another US company, Fortinet (FTNT). It had a market cap of $50.74bn and share price of $310.35. 

Also in the top five cybersecurity stocks was CrowdStrike (CRWD), with a market cap of $41.41bn; cloud-based information security company Zscaler (ZS), with a market cap of $38.44bn; and Cloudflare (NET), with a market cap of $34.16bn.

All the five IT security stocks reached peaks in 2021. The retracement at the beginning of 2022 could be attributed to broader pressure on tech stocks amid rising inflation and growing yields for long-term treasury notes. 

Palo Alto (PANW), Fortinet (FTNT), CrowdStrike (CRWD), Zscaler (ZS) and Cloudflare (NET)

Cybersecurity market growth

The global cybersecurity market is anticipated to reach $366.10bn by 2028, according to the Cyber Security Market 2021-2028 report.

“The surging number of e-commerce platforms and the growing integration of machine learning, internet-of-things (IoT), and cloud are expected to boost the market's growth,” Fortune Business Insights said.

In the shorter-term, Statista said revenue in the cybersecurity market is projected to reach $146,324m in 2022, with IT Services as the largest segment, worth an estimated $69,624m in 2022. 

Statista also noted that the average spend per employee in the cybersecurity market is projected to reach $42.52 this year. It noted that most revenue will be generated in the United States ($58,650m in 2022).

Fortune Business Insights also noted a report by the European Cybersecurity Organisation, highlighting that the UK government invested nearly $2.30bn in internet and network security projects for defence and research in 2020.

“Hence, the increasing government investments in internet security solutions to guard their confidential data and information are anticipated to stimulate market growth,” Fortune Business Insights added.

The market research company also noted how the demand for internet security solutions had risen astronomically in the manufacturing, government, and healthcare sectors during the Covid-19 pandemic, bolstering growth.

Despite the growing number of cyber attacks, which trigger demand for cybersecurity solutions, you should perform your own due diligence before making a decision to invest in any cybersecurity stock. 

It’s important to do your own research and consider the latest market trends and cybersecurity stock news. Always remember that your decision to trade depends on your attitude to risk, your expertise in the market, the spread of your investment portfolio and how comfortable you feel about losing money. And you should never invest more than you can afford to lose.


What is cybersecurity in fintech?

Cisco summarised cybersecurity within fintech as: “Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at assessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.”

Why is cybersecurity in fintech important?

Cybersecurity in fintech is key to protecting personal and company data. A growing number of businesses offer mobile banking, electronic payments systems and crypto trading, which all come with security risks.

What are the main cybersecurity threats?

Ransomware, a type of malware that prevents you from accessing your computer or the data stored on it, was noted as the number one threat type in 2020 in a report by IBM, followed by data theft. Server access was the third most common attack type in 2020, accounting for 10% of all attacks remediated. Phishing attacks are also one of the most common cybersecurity threats.

Markets in this article

79.15 USD
3.6 +4.780%
CrowdStrike Holdings Inc (Extended Hours)
258.17 USD
-1.05 -0.410%
58.38 USD
1.7 +3.000%
Palo Alto Networks
326.18 USD
1.41 +0.440%
183.84 USD
1.56 +0.860%

Rate this article

Related reading

The difference between trading assets and CFDs
The main difference between CFD trading and trading assets, such as commodities and stocks, is that you don’t own the underlying asset when you trade on a CFD.
You can still benefit if the market moves in your favour, or make a loss if it moves against you. However, with traditional trading you enter a contract to exchange the legal ownership of the individual shares or the commodities for money, and you own this until you sell it again.
CFDs are leveraged products, which means that you only need to deposit a percentage of the full value of the CFD trade in order to open a position. But with traditional trading, you buy the assets for the full amount. In the UK, there is no stamp duty on CFD trading, but there is when you buy stocks, for example.
CFDs attract overnight costs to hold the trades (unless you use 1-1 leverage), which makes them more suited to short-term trading opportunities. Stocks and commodities are more normally bought and held for longer. You might also pay a broker commission or fees when buying and selling assets direct and you’d need somewhere to store them safely.
Capital Com is an execution-only service provider. The material provided in this article is for information purposes only and should not be understood as investment advice. Any opinion that may be provided on this page does not constitute a recommendation by Capital Com or its agents and has not been prepared in accordance with the legal requirements designed to promote investment research independence. While the information in this communication, or on which this communication is based, has been obtained from sources that believes to be reliable and accurate, it has not undergone independent verification. No representation or warranty, whether expressed or implied, is made as to the accuracy or completeness of any information obtained from third parties. If you rely on the information on this page, then you do so entirely at your own risk.

Still looking for a broker you can trust?

Join the 630,000+ traders worldwide that chose to trade with

1. Create & verify your account 2. Make your first deposit 3. You’re all set. Start trading