The Rising Cyberstorm: Key Insights from the FS&I Pulse Survey 2025

The Financial Services & Insurance (FS&I) Pulse Survey 2025 by Dun & Bradstreet is one of the most critical barometers we have today, assessing how FS&I Leaders are approaching resilience in an age of AI, fraud, and uncertainty. Of the 11 key risks facing the FS&I sector, Cybersecurity and Fraud top the list, with over 79% of FS&I professionals concerned about cybersecurity and 78% about fraud, making these the most pressing threats across the sector.

Below are some of the key points mentioned on the high concern regarding Cybersecurity risks as reflected by the majority of the FS&I industry leaders:

1. Cybersecurity is the number-one risk, with 79% concerned. This makes it the single most significant threat across the entire FS&I landscape. Leaders consistently rank it above fraud, competitive, and financial risks. The scale of this concern reflects the sector’s deepening exposure to digital vulnerabilities.

2. Cyber risk concern has grown sharply, with 69% more worried than 18 months ago. This indicates a rapid acceleration in perceived threat levels across global markets. The spike is driven in part by recent high-profile attacks and an increasingly volatile digital environment. Firms now feel that cyber threats are evolving faster than their ability to respond.

3. Cybersecurity is the risk area where firms feel most unprepared, with 38% not fully ready. This preparedness gap highlights that even with rising awareness, capabilities have not kept pace. Many organisations still lack the necessary infrastructure, incident response maturity, and visibility to protect themselves. This sense of unpreparedness persists despite significant increases in investment.

4. Cyber risk is expected to be the biggest concern heading into 2026, cited by 53%. As firms accelerate digital initiatives and AI adoption, cyber exposure naturally increases. Leaders fear that foundational weaknesses could jeopardize progress and customer trust. This positions cyber resilience as a critical board-level priority for next year.

5. Recent high-profile attacks over the last 18 months have intensified cyber anxiety. These incidents have underscored how quickly disruption can spread across the financial ecosystem. As a result, emerging threats feel harder to predict and manage than traditional financial risks. This trend has elevated cybersecurity to a constant strategic concern.

6. US firms show the highest cyber concern, with 85% reporting worry about cybersecurity. This is significantly higher than fraud or other non-financial risks in the US market. The heightened concern suggests greater exposure to sophisticated threat actors and to regulatory expectations. It also reflects the critical role of digital infrastructure in the US financial system.

7. Cybersecurity is the top area of increased investment, with 69% of firms boosting spending. Organisations are channelling more resources into detection, monitoring, and prevention tools. Despite this, many still feel behind the curve, suggesting investment alone is not enough. The gap between spend and readiness remains a core challenge.

8. Poor data quality and limited visibility hinder effective cyber-risk management, with 73% unable to assess non-financial risks properly. Cyber risk is closely linked to data quality, as fragmented or inaccurate data slows and undermines threat detection. Many firms struggle to consolidate insights across systems, reducing situational awareness. This restricts their ability to respond proactively to emerging cyber threats.

9. Cyber threats are becoming more complex, outpacing traditional defenses. Experts note that institutions must shift from reactive to predictive models to stay ahead. Legacy systems and manual processes are no longer capable of addressing modern cyber challenges. This complexity underscores the urgent need for intelligence-driven, automated security strategies.

10. Third-party vulnerabilities amplify cyber exposure, with 35% experiencing security breaches due to poor preparedness. As FS&I firms rely heavily on external vendors, a single weak link can create system-wide risk. Many breaches stem from limited visibility into third-party environments and outdated onboarding processes. This highlights the critical need for continuous monitoring and stronger third-party governance.

Further, more respondents believe the trend will continue into 2026, widening by nearly 9% as compared to other concerns, such as data quality and fraud.