Finance firms face a unique vulnerability to insider threats due to the long data retention periods mandated by federal and state regulations. Over time, these organizations can lose oversight of extensive, unstructured data repositories, increasing the risk of exposure. Human error ranks as the third most significant threat, following hacktivists and nation-state actors in 2025, as highlighted in Thales’ Data Threat Report. This scenario creates an opportunity for employees with poor cybersecurity habits to compromise forgotten data within finance establishments.
Implementing Continuous Monitoring to Prevent Agentic Attacks
Thales’ research identifies cloud storage, Software as a Service applications, and cloud management infrastructure as primary targets for cyberattacks post insider exploitation, driven by the adversaries’ pursuit of valuable data. Finance organizations commonly store files, chat records, videos, and social media-generated data on-premises or within private clouds. To safeguard critical information effectively, firms should utilize tokenization, encryption, and continuous monitoring solutions.
Continuous monitoring tools offer visibility essential for data protection, especially as artificial intelligence accelerates the exploitation of weak cybersecurity practices like insecure passwords.
The emergence of agentic AI in finance poses a heightened threat by expanding the reach of malicious attacks. An AI agent assumes a user’s identity, access rights, and operational protocols, potentially accessing forgotten unstructured data. If compromised by threat actors, AI agents could swiftly extract sensitive financial data, raising concerns over security vulnerabilities.
Continuous monitoring enables finance organizations to oversee AI agent activities, scrutinizing data access patterns and questioning the legitimacy of such actions, thereby bolstering cyber defenses.
Enhancing Cyber Hygiene Practices in Finance
Although quantifying insider threats in finance is challenging, Thales emphasizes the prevalence of such risks within the sector. To mitigate vulnerabilities, organizations should educate staff on utilizing robust, unique passwords and implementing multifactor authentication. Proactive data management, including timely deletion post-retention period expiry, is crucial to prevent data exposure in potential breaches.
Managing the complete data lifecycle, including secure deletion when no longer necessary, remains essential for safeguarding confidential information within finance institutions.
UP NEXT: Exploring the security of modern collaboration platforms.
