2024 API Security Impact Study for Financial Services

This technical report presents the findings of the 2024 API Security Impact Study focused on the financial services industry. The study reveals that 88.7% of financial services companies experienced API security incidents in the past year, highlighting a significant rise in attacks targeting APIs that handle sensitive data. The report outlines the financial impact of these incidents, with an average cost of $832,800 for organizations affected. Key vulnerabilities identified include failures in network firewalls and issues within APIs related to generative AI tools. The report indicates that while many organizations acknowledge the risks, API security remains a low priority, ranking ninth among cybersecurity concerns. Additionally, the study emphasizes the challenges faced by security teams in distinguishing between legitimate and malicious API activity, with only 28.5% of organizations aware of which APIs handle sensitive information. The findings underscore the need for improved API security measures to mitigate risks and protect customer data.