77 Out of 80 RIAs Just Failed a Cyber Test—Most Thought They Were Protected

Most RIAs believe they’re secure. But when we recently tested 80 firms, 77 failed at least one critical cybersecurity control—many failed several. The biggest risk isn’t just sophisticated bad actors…it’s the false sense of safety inside the firm.

Cybercrime is now one of the fastest-growing systemic risks in global finance:

• The IMF projects cybercrime will cost $23 trillion by 2027—a 175% jump since 2022.
• The FTC logged 6.47 million cybercrime reports in 2024, with fraud and identity theft making up nearly 60% of them.
• The Allianz Risk Barometer shows45% of global risk experts now cite cyber incidents asthe #1 threat to business continuity—higher than natural disasters or energy crises.
• Verizon’s 2025 Business Report found the human element is involved in 60% of breaches—a single bad click is all it takes.

The IMF projects cybercrime will cost $23 trillion by 2027—a 175% jump since 2022.

The FTC logged 6.47 million cybercrime reports in 2024, with fraud and identity theft making up nearly 60% of them.

The Allianz Risk Barometer shows45% of global risk experts now cite cyber incidents asthe #1 threat to business continuity—higher than natural disasters or energy crises.

Verizon’s 2025 Business Report found the human element is involved in 60% of breaches—a single bad click is all it takes.

This is no longer about genius-level hackers in dark basements. Cybercrime has gone mainstream.

As BD Emerson warned: “Much like legitimate tech enterprises, cybercriminals are adopting scalable business models—offering ‘cybercrime-as-a-service’ platforms that make it easier for less experienced actors to launch cyberattacks. This democratization of cybercrime is driving exponential growth in the threat landscape, pushing global cybersecurity breaches and financial damages to record levels.”

When crime becomes a service model, every firm becomes a target, not just the large ones.

The Financial Sector Is in the Crosshairs

A recent industry analysis found:

• 93% of financial firms were attacked at least once last year.
• Nearly one in five faced more than twenty-five attacks.
• 57% are not monitoring threats in real time.
  

And leadership knows what’s at stake:

• 88% of financial executives say a successful cyberattack would trigger client withdrawals or investor panic.
• That number rises to 94% among CFOs.

What We Found: 77 of 80 Firms Failed an RIA Cyber Penetration Test

We run a cybersecurity penetration test designed specifically for RIAs, which we call RiskInsights Assessment (RIA). The test evaluates both controls and real-world exploitability.

Of the 80 firms we tested, 77 failed at least one of the following core protections:

• Microsoft 365 security posture (real configuration vs assumed protection).
• Integrity of Azure, Entra, Intune, and Defender security tools.
• Exposure of leaked credentials on the dark web.
• Firewall and internal network resilience against intrusion.
• Endpoint, password, and update hardening.

In every failed case, our penetration test exposed gaps the firm wasn’t aware of—gaps that a real attacker could easily exploit.

Too many RIAs are still using traditional perimeter firewalls, out-of-the-box M365 defaults, generic IT support that doesn’t understand SEC-level expectations, and “set and forget” tools without monitoring. Regulators, attackers, and clients are all moving faster than most firms’ cybersecurity playbooks. What RIAs need now is visibility and a prioritized remediation roadmap—not another software license or theoretical policy document. Client trust is the business model. A breach doesn’t just threaten uptime—it threatens AUM.

(Originally posted for Wealth Management's 2026 Market Outlook)