#None #Financial Services #Netskope #Cyber Threats

Netskope's Insight into Cyber Threats Facing Financial Services

In a landscape rapidly evolving with the integration of cloud and AI technologies, Netskope (NASDAQ: NTSK) has unveiled crucial findings regarding cybersecurity threats in the financial services sector. Conducted by Netskope Threat Labs, this report documents the cyber threats that organizations within this industry have encountered over the past 13 months, offering a comprehensive analysis of the risks at play.

The Surge of Generative AI Challenges

The use of Generative AI (genAI) is on a swift rise within the financial services, amplifying the risks tied to sensitive financial and customer data leakage. The report reveals that a staggering 59% of data policy violations related to generative AI involve regulated data, underscoring significant challenges in safeguarding confidential information and ensuring compliance. Other areas contributing to the data leakage risks include intellectual property (20%), source code (11%), and passwords or API keys (9%).

As generative AI becomes more pervasive across the financial sector, the associated risks are intensifying. Around 70% of users are actively harnessing generative AI tools, with 97% employing applications that incorporate generative AI functionalities. Moreover, a striking 94% of users are utilizing applications that engage generative AI models trained on user data.

Shadow AI Under Control, Yet New Risks Arise

While organizations have made commendable efforts to combat Shadow AI, the dual-use risks among personal and corporate accounts are escalating. The proportion of users leveraging personal generative AI accounts for work has plummeted from 76% to 36% over the last year, whereas the adoption of organization-managed generative AI solutions has risen significantly from 33% to 79%. Nevertheless, the percentage of users distinguishing between personal and corporate generative AI accounts has increased from 9% to 15%, thereby increasing the risk of transferring sensitive financial data across unsecured and secure environments.

The generative AI ecosystem is diversifying, with ChatGPT introduced in 76% of organizations, making it the most widely used generative AI application. Following closely is Google Gemini, utilized by 68% of organizations. Emerging tools are also gaining traction, with Google NotebookLM being adopted by 39% and AssemblyAI rising sharply from 1% in June 2025 to 37%. Conversely, several platforms like ZeroGPT (46%), DeepSeek (44%), and PolitePost (43%) face blocking in numerous enterprises due to security and compliance concerns.

Concerns regarding Personal Cloud Apps

Apart from risks stemming from generative AI, the use of personal cloud applications in workplaces poses substantial threats to data security. The report notes that 65% of data policy violations involving personal app usage are related to regulated data, emphasizing the tendency of employees to handle sensitive financial information within environments outside company control. Prominently used personal applications in the financial services sector include LinkedIn (92%), Google Drive (84%), and ChatGPT (77%). Additionally, attackers are increasingly exploiting trusted cloud platforms for malware distribution, with GitHub being the predominant platform, affecting 11% of organizations, followed closely by Microsoft OneDrive at 8%. Such tactics enable malicious activities to blend into normal communications, making threat detection significantly more challenging.

Rays of Hope and Recommendations

Ray Canzanese, Director at Netskope Threat Labs, commented, "As financial institutions accelerate the adoption of generative AI, the pathways for confidential data leaks are increasing. While the shift to managed organizational tools is a positive step, this study reveals persistent risks, particularly in areas where personal and corporate use overlaps. Effective risk mitigation necessitates a multi-layered approach. This can include comprehensive inspection of web and cloud communications to block malware, restricting unnecessary applications, and utilizing Data Loss Prevention (DLP) solutions to safeguard sensitive information. Technologies like Remote Browser Isolation (RBI) are also crucial for safe access to higher-risk websites."

Methodology and Further Information

The contents of this report are based on anonymized usage data from selected Netskope clients in the global financial services sector, collected with prior authorization from February 1, 2025, to February 28, 2026. For the full report and more in-depth insights, please visit Netskope's official website.

About Netskope

Netskope (NASDAQ: NTSK) is at the forefront of delivering cutting-edge security and networking technology tailored for the cloud and AI era. With optimized access and real-time context-based security for people, devices, and data—including agents, applications, and an expansive AI ecosystem—Netskope meets the diverse needs of both security and network teams. With a trusted clientele of over a thousand organizations, including more than 30 Fortune 100 companies, leveraging the Netskope One platform, Zero Trust engine, and powerful NewEdge network, organizations are empowered to visualize application usage across all cloud, AI, SaaS, web, and private applications, ultimately enhancing security and network performance.

For more details, visit netskope.com/jp.

For media inquiries, contact:
Netskope Public Relations Office at NEXT PR: 03-4405-9537
Fax: 03-6739-3934
Email: [email protected]