Contemporary Threats in the Financial Market
Purpose: This article analyses contemporary cyber threats to the financial market and identifies practical strategies for mitigating these threats in the context of increasing digitalisation. The study focuses on assessing the nature and impact of attacks on the financial sector and identifying measures to strengthen the resilience of economic systems. Design/Methodology/Approach: The article employs theoretical methods, including literature analysis, industry reports on cybersecurity, and an examination of incidents that impacted the Polish financial system between 2020 and 2024. The first part characterises the roles of the financial market in the economy. It then analyses the consequences of the digitisation of financial services in the context of emerging cyberattacks and examines the number and value of attacks on financial institutions in Poland. The research problem is formulated as follows: What cyber threats pose the greatest challenge to the security of the financial market, and what strategies can provide adequate protection against them? The hypothesis is that integrated technology-based measures are insufficient to ensure the cybersecurity of the financial market without effective customer education, as customers are the primary participants in this market. Findings: The Polish financial market is perceived by the public as the best protected against cyber threats. On the other hand, banks – as key players in the financial market – remain among the most frequently targeted entities in Poland. Compared to different industries and institutions, banks are considered leaders in cybersecurity. In this respect, Poles rate them even higher than technology companies or uniformed services. In 2024, there was an increase in the use of artificial intelligence to create convincing advertising materials for fraud, the automation of fraud processes, rapid domain changes in response to blockages, the use of current events, e.g. economic ones, and the personalisation of attacks for specific target groups (CSIRT - Computer Security Incident Response Team, KNF - Polish Financial Supervision Authority, 2024). A shift in cybercriminals' tactics was also observed — instead of advanced, technical attacks, they are increasingly using social engineering (a form of fraud in which the use of psychological and social factors is crucial to the success of the attack). This strategy involves persuading people to transfer funds to specified accounts themselves. Practical implications: Research confirms that institutions that prioritise cybersecurity measures not only increase their resilience to cyber threats but also improve their financial performance and increase shareholder value. It is not the scale of investment in cybersecurity itself that has a significant impact on economic performance, but rather the mere disclosure of such expenditure in reports. This reflects a shift away from a reactive approach towards integrated strategies in which cybersecurity becomes a central element of financial planning. Originality/Value: Cybersecurity education plays a crucial role in the functioning of the financial market, serving as one of the foundations of its stability and trust. Raising awareness among employees and customers about digital threats significantly reduces the risk of successful attacks. Aware users are the first line of defence against security incidents, thus contributing to the minimisation of financial, operational and reputational losses. Systematic education in the field of cybersecurity enhances the resilience of financial institutions to emerging digital threats, thereby constituting an integral component of their long-term security and development strategy.