The financial services vertical could be big business for solution providers, especially in security, where nascent regulatory regimes and constantly changing threats create an environment rich with opportunities for companies with the guts and the know-how to dig in.

In recent reports, both the U.S. Securities and Exchange Commission and FINRA, the Financial Institutions Regulatory Authority, each published some relatively encouraging news about financial firms' cyber security practices.

For example, the SEC found that 93 percent of broker-dealers and 79 percent of investment advisors conduct periodic risk assessments to identify threats and weak spots in company systems, policies and procedures.

That may sound impressive, but consider this: The SEC also found that nearly 90 percent of broker-dealers and 74 percent of investment advisors have been targeted by cyberattacks.

Bob Guilbert, managing director at IT services and consulting firm Eze Castle Integration, says financial firms are becoming more aggressive about security policies and procedures as investors become more demanding.

Investors are asking more questions, and those questions are getting more detailed and specific, Guilbert said.

"They're putting millions of dollars into these funds, and there's enough risk associated with the investments themselves," Guilbert said. "They don't necessarily want risk in whether someone is trying to enter the system and fraudulently take money out."

During one recent month, Eze Castle's clients – mostly hedge funds – experienced three separate spearfishing attacks.

Hackers, Guilbert said, "are looking for people who are not being vigilant," often asking unsuspecting managers to write checks or approve fund transfers that may appear routine to unsuspicious eyes.
 

Next: The Right People In The Right Places