Payments Journal: Three Actionable Metrics Banks Can Track to Stay Ahead of Cybercriminals
On September 20, Payments Journal featured NetSPI Managing Director Norman Kromberg’s article on Three Actionable Metrics Banks Can Track to Stay Ahead of Cybercriminals. Read the preview below or view it online.
+++
If asked what the top industry for cyberattacks is, everyone would likely mention financial services. Banks, specifically, continue to be one of the top targets for cybercriminals, due to the critical assets financial institutions possess – primarily personal customer data and money.
It is one of the most targeted sectors for a reason, with the cost of cybercrimes being the highest in the banking industry, reaching $18.3 million annually per company. But, the financial industry is also known to have some of the most mature cybersecurity programs, which equates to quick remediation.
In recent years, we’ve seen a rise in digital banking, which was largely accelerated by the pandemic. This has led to an increased, more complex attack surface for cybercriminals, and more entry points.
In fact, in the first half of 2021 alone, the industry reported 30% more ransomware attacks than in all of 2020. As a result, regulators and cyber insurance underwriters have become stricter, making it vital – and often required – that banks, and the financial industry as a whole, have offensive cybersecurity strategies in place that are tailored to their unique threat landscape.
As financial institutions grapple to adhere to these mandates, many have seen the value in metrics in meeting such strict requirements. There are many ways to utilize metrics for business success, including determining a company’s IT footprint, time to breach remediation, and revenue being prioritized for security measures, just to name a few. In this piece we’ll dive into three of the top metrics cybersecurity experts can use to adhere to regulatory demand.
Explore More News
NetSPI Expands Suite of AI-Powered Continuous Pentesting Services as Organizational Attack Surfaces Grow
NetSPI expands suite of Human-Led, AI-Powered Continuous Pentesting Services, including a first-of-its-kind AI Findings Validation service, as well as continuous testing for web applications and internal networks.
AI’s Role in the Next Era of Pentesting
This article discusses how AI can accelerate penetration testing, but without human expertise to validate findings and apply business context, organizations risk confusing faster output with stronger security.
Why Continuous Security Validation is Becoming a Security Imperative
CTO Magazine interviewed NetSPI's Field CISO, Nabil Hannan, for a June 11, 2026, article about how cloud-native architectures, continuous deployment pipelines, APIs, and AI-assisted development have accelerated change across enterprise environments.