Assessing the impact of cybersecurity incidents on financial losses and user exposure in the global financial sector (2015-2024)

This study investigates the impact of cybersecurity incidents on financial losses and user exposure in the global financial sector, analyzing data from 2015 to 2024. The study utilizes machine learning models, specifically Random Forest and XGBoost, to predict the extent of financial damage and the number of affected users based on various cybersecurity incident characteristics, including attack type, source, and resolution time. The findings indicate that XGBoost outperforms Random Forest, with higher predictive accuracy (R² = 0.74) and lower error metrics (RMSE = 14.52, MAE = 6.08). Key features influencing financial loss include Incident Resolution Time, Country, and Year, with Incident Resolution Time emerging as the most significant predictor. Phishing, social engineering, and DDoS attacks were identified as the most financially damaging, emphasizing the need for robust defense mechanisms. Feature importance analysis further revealed that defense mechanisms, particularly VPNs and AI-based detection, play critical roles in mitigating losses. Despite the strong performance of both models, the study highlights challenges such as class imbalance in the data, which affects minority class detection. Recommendations include investing in AI-driven detection systems, enhancing employee awareness, adopting multi-factor authentication, and updating legacy systems. These measures are crucial for reducing financial and reputational damage. The study concludes that machine learning techniques, particularly XGBoost, can significantly improve cybersecurity practices in the financial sector, providing accurate, real-time predictions that enhance risk management and defense strategies.