Shadow AI, third-party compromise and double extortion ransomware converge as DORA makes intelligence-led resilience a regulatory requirement
Filigran, the European open-source threat management company, released Cyberthreats in the Financial Sector, a report mapping the evolving threat landscape facing financial institutions and the regulatory shifts redefining how they must respond.
Read More on Fintech : Global Fintech Interview with Baran Ozkan, co-founder & CEO of Flagright
The report finds that 90% of breaches affecting financial institutions in 2025 were financially motivated, with data breaches accounting for 64% of incidents and ransomware 36%. The financial sector was the second-most expensive industry for data breaches, at $5.56 million per breach.
AI is compounding the risk. Shadow AI accounted for 20% of AI-related breaches, and 97% of affected organizations lacked adequate access controls. Supply chain compromise reached systemic levels, with third-party involvement in 30% of financial-sector breaches.
With the EU’s Digital Operational Resilience Act (DORA) now enforceable, financial institutions must demonstrate intelligence-led risk management, threat-led penetration testing on live systems, and robust third-party oversight.
Catch more Fintech Insights : Real-Time Payments and the Redefinition Of Global Liquidity
[To share your insights with us, please write to psen@itechseries.com ]
As Global Cryptocurrency Wobbles, Market Value Still Projected To Reach $4.94 Billion By 2030