Criminals are unafraid of taking risks.

In the ever-evolving digital landscape, the financial sector is bracing itself for a potential surge in cybersecurity incidents by 2026. This forecast is based on the intensifying threats linked to technological changes and the rise in cybercriminal activity.

According to RTM Group's research, the likelihood of a significant cybersecurity incident in Russian financial sector companies will exceed 25%. A significant incident is defined as an event that significantly impacts a company, such as large-scale financial theft, mass data breaches, the shutdown of key business services, or the blocking of critical systems.

The heterogeneity of the financial sector's infrastructure security levels adds to the complexity of the situation. While some organisations have robust security measures in place, others may be more vulnerable due to understaffing, outdated equipment, or lack of compliance with cybersecurity regulations.

In several instances, organisations do not implement basic measures prescribed by law, such as those related to personal data protection or critical information infrastructure. This laxity in security practices is a concerning trend that could potentially expose these organisations to increased risks.

Experts suggest a comprehensive approach to protection, ensuring information security at all levels - employees, infrastructure, and connections with contractors, suppliers, and partners. This includes maintaining vigilance, using up-to-date methods and solutions, and responsibly implementing new technologies to achieve comprehensive information security.

The abundance of diverse data in financial organisations, combined with the financial viability of clients, makes them an attractive target for ransomware and other cybercriminals. In fact, the growth of digital services and online operations in banks, exchanges, and MFIs is expected to lead to an increase in incidents.

To reduce risks, experts recommend focusing on strengthening the technological aspect of threats. This includes addressing vulnerabilities in supply chains, exploitation of APIs, and the use of AI and deepfakes for hacking and deceiving users.

It's worth noting that Andrey Afonin, Director of the University of the Bank of Russia, made a statement on February 19, 2025, but no specific details about his statement were provided.

Despite the challenges, there is a demand for cybersecurity personnel in financial organisations across all regions of Russia. However, among the current cybersecurity staff in financial organisations in Russia, 41% do not have relevant education. This skills gap, coupled with the relative calm of 2023-2024 and the "transitional" 2025, has led to gaps in protection that are now accumulating, increasing the likelihood of serious incidents.

Even brief disruptions in key client service systems can lead to customer churn. Therefore, it's crucial for financial companies to prioritise cybersecurity as they continue to implement new digital services, which increases the potential attack surface. By doing so, they can protect their clients' sensitive data, maintain the trust of their customers, and safeguard their own operations from potential cyber threats.