Complete account details

Customer seating information and surface-level data

Passwords and Social Security numbers

Employee personal data

To conduct phishing attacks

To sell legitimate products

To create new software

To improve bank security

They are usually accurate

They are irrelevant to the final scope

They often overestimate the breach

They tend to underestimate the breach

A significant increase in attacks

Attacks have become less sophisticated

A decrease in attacks

No significant change

Reducing collaboration between organizations

Increasing government involvement and collaboration with private industry

Ignoring the threat as it will decrease over time

Focusing solely on individual company defenses