Shadow AI, third-party compromise and double extortion ransomware converge as DORA makes intelligence-led resilience a regulatory requirement.

PARIS–(BUSINESS WIRE)–Filigran, the European open-source threat management company, today released Cyberthreats in the Financial Sector, a report mapping the evolving threat landscape facing financial institutions and the regulatory shifts redefining how they must respond.
The report finds that 90% of breaches affecting financial institutions in 2025 were financially motivated, with data breaches accounting for 64% of incidents and ransomware 36%. The financial sector was the second-most expensive industry for data breaches, at $5.56 million per breach.
AI is compounding the risk. Shadow AI accounted for 20% of AI-related breaches, and 97% of affected organizations lacked adequate access controls. Supply chain compromise reached systemic levels, with third-party involvement in 30% of financial-sector breaches.
With the EU’s Digital Operational Resilience Act (DORA) now enforceable, financial institutions must demonstrate intelligence-led risk management, threat-led penetration testing on live systems, and robust third-party oversight.
Download the full report at filigran.io.
FAQs
How can financial institutions prepare for DORA’s threat-led penetration testing requirements?
DORA Articles 26 and 27 require intelligence-led penetration tests at least every three years on live production systems, with supervisors expecting measurable improvement across cycles.
Filigran’s XTM platform connects threat intelligence directly to attack simulation, enabling continuous, threat-led validation aligned with frameworks like DORA and CTEM.
How is ransomware targeting financial institutions differently?
Approximately 12.8% of B2B financial organizations experienced ransomware in 2025, with attackers increasingly combining encryption with data exfiltration in double-extortion tactics that trigger regulatory reporting obligations. Filigran’s report found double-extortion is now the dominant ransomware tactic against financial institutions.
Why is third-party cyber risk now a systemic threat to financial institutions?
Third-party breaches like MOVEit continued to affect major banks into 2025, and the Bybit $1.5 billion theft exposed how supply chain weaknesses in transaction flows can lead directly to extreme loss. Filigran’s research recommends continuous intelligence sharing and attack simulation across the vendor ecosystem.
About Filigran
Filigran, a cybersecurity company, offers an open-source, AI-powered, threat-informed approach to Continuous Threat Exposure Management (CTEM). Its eXtended Threat Management (XTM) platform delivers threat intelligence, exposure validation, and cyber risk reduction.
Media Contact
Treble
Matt Grant
filigran@treblepr.com