A preliminary study has been conducted on the cybersecurity readiness of 60 key European retail banks, with six top performers identified, writes D-Rating CEO and co-founder Didier Farjon.
Go deeper with GlobalData
D-Rating’s study of 60 leading European banks’ cybersecurity risks flags up six top performers. D-Rating, the digital performance rating agency that carried out the research, will assess other aspects of the 60 banks’ performance throughout 2020.
“Cyber-risk is a danger which has the potential to trigger a systemic crisis. In financial terms, while the total costs of cyberincidents are hard to establish, industry estimates range from $45bn to $654bn for the global economy in 2018,” declared Fabio Panetta, member of the ECB’s executive board, at the fourth meeting of the Euro Cyber Resilience Board for pan-European Financial Infrastructures earlier this year.
“According to some estimates, the average cost of cyberincidents has increased by 72% in the last five years, and businesses will fall victim to a ransomware attack every 11 seconds by 2021.”
In this context, cyber-risk is particularly critical for banking, and threats are potentially even higher during times of crisis. Cybercriminals have certainly not waited for Covid-19 to develop an arsenal of malicious software and devices, but the global crisis generated by the pandemic raises legitimate cybersecurity concerns.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataAs with every exceptional situation, it is important to bear in mind that cybercriminals seek to take advantage of the haste and reduced vigilance of those directly or indirectly concerned to abuse them, which will be amplified by the strong increase in digital use imposed by the lockdown.
Preliminary study
In the context of its digital performance rating, D-Rating investigated the cybersecurity readiness of retail banks in Europe during the ongoing health crisis. A total of 60 key retail banking brands – including major European operators, neobanks and other banks – are reviewed.
D-Rating’s cybersecurity readiness rating includes the detection of vulnerabilities and qualification of threats related to Android banking apps – vulnerabilities connected to both static and run-time behaviour of the apps – and websites, including DNS health, IP reputation, web application security, network security, leaked information, patching cadence and so on.
It is a 100% outside-in analysis, mainly based on tooled diagnostics from SecurityScorecard for website cybersecurity, and Quixxi Security for Android app cybersecurity. No penetration tests were performed. This preliminary cybersecurity readiness study was conducted from 1 March to 11 May 2020.
From this preliminary study, the top six performers are, in alphabetical order: BPER Banca (Italy), ING (Netherlands), Keytrade Bank (Belgium), Marcus by Goldman Sachs (UK), Raiffeisen (Switzerland) and Santander (UK).
These six brands obtained the highest cybersecurity readiness overall scores, meaning that their mobile apps, according to Quixxi Security evaluation, and their digital footprints, according to their SecurityScorecard evaluation, are among those that showed the lowest levels of vulnerability.
It is interesting to see that this top six includes brands with both small and large digital footprints. Thus, it is possible to have a large exposition to risk, with plenty of digital assets linked to the main site and the brand, and to demonstrate a limited level of overall vulnerability.
This preliminary cybersecurity study will be complemented with a full-year period vulnerability analysis and additional securityrelated indicators by the end of 2020.
Next steps
The next study by D-Rating will look at the digital offerings of the 60 key brands. Several accounts will be opened in each bank by mystery shoppers to test customer journeys, contact channels, functionalities and access to online services on the banks’ websites and mobile apps. Results will be available by late August 2020.
D-Rating’s studies provide all market players – investors, financial analysts, fund managers and companies – with an independent rating of the digital competitiveness of companies likely to impact their business performance in the medium term.
Thanks to its data-drive approach – including the analysis of 700-plus indicators – D-Rating is already a standard in the financial services sector, and is now engaged in the deployment of its activities worldwide and in multiple sectors of activity.
