Connect with us

Business

A VITAL APPROACH: BUILDING CYBER RESILIENCE INTO THE FINANCIAL SERVICES INDUSTRY

A VITAL APPROACH: BUILDING CYBER RESILIENCE INTO THE FINANCIAL SERVICES INDUSTRY

Shruti Kulkarni, Information Security Manager, Intelligent Environments

When it comes to judging the range of cyber threats that businesses find themselves up against, you’d be forgiven for thinking that it started and ended with hackers. And while hacking – whether in DDoS attacks, or phishing scams – represents the bulk of an organisation’s cyber fears, there are many other ways their technology can be compromised.

Back in 2013 a particularly unusual case came to light, when a disgruntled employee was found guilty of sabotage after being caught spraying servers and other IT equipment with Cillit Bang. Shockingly, the crusade went on for three years, costing his organisation over £32,000 in damage – not to mention untold disruption. Though this was an isolated incident, it does help illustrate our increasing reliance on cyber safety, and the ease at which security can be compromised.

Clearly, cyber resilience is of the utmost importance. As such, it is of no great surprise that it has been named as the focus of this year’s Business Continuity Awareness Week. More and more organisations are beginning to place their own cyber resilience policies under the spotlight. And worryingly, many are finding themselves coming up short.

Serious Implications

For the financial services industry, investing in effective cyber resilience strategies should be a top priority. After all, the consequences of a breach are potentially devastating.

From an operational viewpoint, cyber security breaches are costing businesses nearly £30 billion every year – and this in the UK alone. In a worst-case scenario, an organisation could be infiltrated without anyone realising. And once hackers are in, they are free to move around the infrastructure, compromising confidential customer information or financial details, or wreaking disruption to your usual processes. With as many as 46 per cent of organisations reporting breaches, chances are most businesses are already under attack.

A Changing Regulatory Landscape

Things don’t get any easier when it comes to compliance. The impending enforcement of the EU’s General Data Protection Regulation (GDPR) will have significant implications for any business that fails to ensure cyber resilience. As well as obvious loss of customer trust that results from a data breach, if organisations are deemed to have been negligent in their handling of data security matters, the new law makes it possible for businesses to be fined up to five per cent of their annual worldwide turnover.

Similarly, the introduction of the revised Directive on Payment Services (PSD2) and the E-Money Directive (EMD) means that security protocol must be robust enough to withstand the frequent attacks, but flexible enough to ensure that data can be shared as and when needed.

As these regulations come into play, risk assessments will become more important than ever before. Not simply for Financial Service providers assessing their own infrastructure, but those of the other fintech organisations they will need to work with. Ensuring that any partners have the right security controls in place to mitigate the identified risks will be a top priority when it comes to the opening of APIs and the sharing of mission critical data.

Ensuring Full Visibility

What’s more, the issue could easily get worse before it gets better. As IT and technology becomes an ever more integral part of business operations, attack surfaces will continue to widen. This serves only to increase the risk of cyber-attack, offering potential hackers more points of entry into the organisation. The ability to detect threats is not enough, it must be done quickly – ideally in real-time. Troublingly, the industry is still some way from safe; research found that financial firms take an average of 98 days to notice a breach. Even worse – in the case of DDoS attacks, 40 per cent of businesses only discovered the attack when customers drew attention to the issue!

Having a holistic and comprehensive understanding of your organisation is crucial – as a financial service provider, you must ask yourself: are you aware of all  realistic and applicable threats for your estate? Do you have full visibility of your information access points? And do you have the measures in place to know if someone is accessing that information without your permission? 

One Lesson to Learn

If you take one piece of advice, make it this: take the time to know your organisation’s attack surface intimately and put in place the mitigations needed to ensure a safe and secure defence-in-depth. There is no substitute or shortcut for knowing your own weaknesses – and no matter how much you spend on security and cyber-breach tools, if you don’t have a complete picture of your organisation’s security requirements then you cannot defend it properly.

Finally, and perhaps most importantly, good security practices begin in the board room. Cyber resilience is a top-down operation, requiring strong and vocal support from management. Everyone in the business has a part to play and employees must be given a good grounding on what kind of threats they should guard against, as well as the potentially devastating consequences of a breach.

Thanks to the nature of our work, organisations within the financial services sector are at a significantly higher risk than other markets. However, with numerous guidelines to help offer a baseline for good security measures, as well strategic investment in understanding the weak-points of your own organisation, it is possible to build cyber resilience into the fabric of our industry.

Business

From furlough to returning to work – employees are feeling insecure in their future

From furlough to returning to work - employees are feeling insecure in their future 1

New data looking into 6,273 employees, commissioned by Perkbox, the employee experience platform, has revealed the considerable impacts of the furlough scheme and the prospect of returning to work to wellbeing.

The research revealed that despite being a job retention scheme, furlough has led to a huge 61% of workers on the scheme with concerns over their future job security, and a further 42% have concerns about the future of their company due to their employer’s participation in the scheme. This is despite almost half (45%) enjoying the time off and break from working that this time provided. 

Furthermore, it’s not just those a part of the scheme that are feeling the impacts. Almost 1 in 5 (19%) who weren’t furloughed by their employers (but their companies did utilise the scheme) felt more secure in their job by not being chosen to be a part of it. 

The scheme hasn’t just led to insecurities, it’s also led to potential rifts between colleagues. 29% of those on furlough felt guilty about not working, while over 1 in 5 (21%) felt guilty for extra work that colleagues had to take on in their absence. Those who remained working over this period had to work harder (19%), experience more stress due to taking on extra responsibilities (18%), which ultimately impacted emotional wellbeing (16%). Resulting in 1 in 10 feeling resentful for their furloughed colleagues’ time off. 

As insecurity levels are high, employees expect company leaders to take personal action before considering redundancies. A huge 65% stated that they believe senior leadership should take a pay cut first, before considering options for staff – just 14% responded that they wouldn’t expect this from their leaders.

Moreover, as the furlough scheme changes, many are returning to work by encouragement of the Government. Despite this encouragement, less than half of employees (47%) feel safe in regard to returning to work (equal between office and non-office based workers), with almost a quarter (24%) feeling ‘unsafe’ about this transition.

Looking at what companies have done to prepare for a return to work, it comes as no surprise as to why employees may be apprehensive. Just 15% of businesses have set a fixed date for returning to work, a further 22% of employees have received no clear guidance on how to return to work. Furthermore, less than a third (31%) reported that their employer had implemented all of the necessary safety equipment to return to work, with just 30% establishing a clear back to work plan. 

Just 4% state that their company is planning to switch to completely working from home – begging the question of when companies are planning to communicate back to work plans. 

Continue Reading

Business

Return to work: Flexibility, preparation and communication are key

Return to work: Flexibility, preparation and communication are key 2

By Matt Weston, Managing Director, Robert Half UK

As lockdown restrictions ease for the foreseeable future, conversations across the business world are starting to turn to how employers can safely and seamlessly prepare for their workforce to return to the office.

Research from Robert Half has found that over half (54%) of employees are worried about working in close proximity to their colleagues, while a similar proportion are eager to return to the office due to loneliness working from home (45%) or concerns about missing out on career opportunities (30%).

Unsurprisingly, after everything companies and their employees have done to successfully adapt their operations and working practices to social distancing rules over the last few months, immediately returning to the old ways of working will likely neither be sensible or practical. With safety being the key priority for the ‘new normal’ of office life – communication, flexibility and preparation should be the main focus areas for employers.

With this in mind, what are the challenges and opportunities that employees anticipate as they prepare for the return to work, beyond government and industry supplied health and safety best practice? Furthermore, how can employers best support their staff during this period?

Keep people at the heart of change

It is important to recognise that your workforce has been working through an intense period of uncertainty and change for months, which can be incredibly unsettling. On top of this, working for weeks in isolation without the usual physical interactions with team members could be potentially detrimental to employee engagement and mental wellbeing.

Having adjusted to keep staff connected with one another from a distance with virtual team building exercises, video calls and daily check-ins, as teams begin working in hybrid models with some in the office and others remote, staff engagement will need to adapt again.

Managing people with greater sensitivity and maintaining positivity throughout will be crucial. To help instil a sense of normality and engagement, encourage maximum collaboration between individuals (in accordance with social distancing rules), and make sure teams feel part of company goals and opportunities through regular meetings and communication – no matter their location.

Continuing to invest in technology and offering flexibility will also be important to ensuring that people can continue to work remotely or on-site, either in accordance with their own wishes or as part of your staggered return-to-office plan.

Communicate, communicate, communicate (and listen)

Reassuring staff that they are able to safely return to the office will require continuous communication. From expectations of the physical office, to expectations of how to operate within hybrid teams, these new expectations and new workplace requirements should be communicated to all staff clearly to avoid confusion.

Regular email updates, updates on the company’s intranet and social media channels, as well as frequent town hall meetings (either online or in a smaller setting) could be key elements of an effective communications approach.

Also, consider a feedback channel to allow staff within the team to offer thoughts on their experience of returning to the office and any suggestions on improving the process. Whether on a company-wide basis or a team-by-team approach, schedule regular check-ins to engage with employees’ questions and concerns.

Maintaining open communication channels with your team will be essential for keeping up employee morale and ensuring clarity. For example, if some employees aren’t comfortable with coming to the office every day, then they should have plenty of opportunities to voice their concerns and have them dealt with promptly, respectfully and fairly.

Staggered return-to-office planning

Depending on the size of business and density of office space, maintaining home working arrangements across teams on an alternating basis could make it easier to implement safe social distancing. This involves select teams working remotely while others work on-site on any given day.

An alternating approach to remote working might also reduce the risk of staff feeling pressured or overwhelmed by an immediate return to the office five-days-a-week. After all, some families might be juggling temporary disruptions to childcare arrangements and public transport systems will likely become crowded again. So, a transitionary period will help everyone adjust to post-lockdown office working.

Finally, if you have developed your technology infrastructure to facilitate remote working, you would do well to continue to leverage these new capabilities as in all probability, a mixture of remote and at-office work will be needed for some time.

Continue Reading

Business

Contis enters RBS Capability and Innovation Fund bid seeking £35 million for disruptive SME growth strategy  

Contis enters RBS Capability and Innovation Fund bid seeking £35 million for disruptive SME growth strategy   3

Leading payments provider, Contis, has applied for two grants from the RBS & BCR Alternative Remedies Package, totalling £35 million.  

Unlike most applicants who will deploy funds through a single brand, Contis is taking a completely different approach. The funding will be used to drive fintech innovation in the UK by developing an off the shelf, B2B electronic and card payment technology platform for SMEs. With Contis’ powerful tech stack and regulated status, this will empower hundreds of fintechs to support the SME market with groundbreaking technologies, payments and lending capabilities. Contis today services over 800,000 consumer accounts, 14,500 business accounts and processes £4bn in transactions per year, demonstrating a proven track record.   

UK businesses are facing a challenging economic environment with the impacts of Covid-19 and Brexit. As large corporations and entire sectors are affected, SMEs will play a vital role in the recovery. Contis’ approach is completely disruptive, offering three channels to maximise support for SMEs and sole traders, through three unique brands, all powered by APIs from Contis’ modular and configurable engine. 

1.       Canvas for Business 

Contis is a super-vendor in the world of fintech, offering payments through proven banking rails and card scheme capabilities including issuing pre-paid, debit and virtual cards. They’re linked to digital delivery like Apple Pay and Google Pay, and a trusted tech stack that boasts 99.99% uptime.  

With funding from the Capability and Innovation Fund (CIF), Contis’ technology and regulated services will be made available to the whole fintech community, enabling them to provide dedicated SME accounts with the latest leading-edge capabilities delivered via Contis’ wholly owned, secure, cloud-based technology and apps. Contis’ solution has a firm eye on the need for SMEs to compete internationally, particularly after Brexit, and offers FX integration as standard.  

Canvas for Business will increase competition by providing fintechs serving the SME market with technology that outstrips the big banks. Contis will also provide credit referencing capabilities and empower fintechs to lend to their SME client base through Contis’ own credit licence. Without the constraints of legacy systems, it will enable simple connectivity to accounting and payments solutions, as well as to unlimited future innovations.  

2.       Engage for Business 

Over 150 Credit Unions currently use Contis’ Engage service and technology, and hold an estimated £400 million in undeployed cash reserves. Developed with CIF funding, Engage for Business will enable Credit Unions to launch business accounts and payments products for the first time, and allow excess funds to be redeployed in the SME sector through business support loans. This will revolutionise access to funding for sole traders and small businesses. 

3.       Freedom for Business 

With CIF funding, Contis will also offer large scale SMEs a direct-to-market solution where Contis holds the relationship and provides a bespoke offer to meet the business’ exact needs. 

Contis’ application to the Capability and Innovation Fund is focused on creating the widest possible impact for UK SMEs by fulfilling their accounts & payments needs and driving innovation in SME financial services. 

Through the grant, Contis will empower over 200 fintechs and Credit Unions to provide credit, simplify payments integration into everyday business needs, offer digital credit referencing, provide budgeting tools to SMEs, enable automated payments, give predictive insight on cash flow, provide rewards to SMEs on spending, and much more. 

Peter Cox, Founder and Executive Chairman of Contis said: “Our mission is to democratise payments and financial services for all SMEs, so they’re spoilt for choice with innovative and affordable solutions that meet their exact needs. Our approach, based upon proven technologies, will broaden and disrupt the services available to SMEs far beyond the capabilities of existing providers such as the big banks.  

“By driving competition and innovation, while improving the availability of funding, our approach will increase the services on offer to SMEs and make them more affordable, therefore becoming easier for every entrepreneurial person with vision to run their own businesses.” 

Continue Reading

Call For Entries

Global Banking and Finance Review Awards Nominations 2020
2020 Global Banking & Finance Awards now open. Click Here

Latest Articles

Matt Kolling Matt Kolling
Banking10 hours ago

UBX appoints new Chief Investment Officer

In line with its strategy to explore and invest in companies and platforms of the future, UBX—the Fintech and Corporate...

Workforce Diversity Matters To Our ESG Evaluation 4 Workforce Diversity Matters To Our ESG Evaluation 5
Top Stories17 hours ago

Workforce Diversity Matters To Our ESG Evaluation

We believe the limited representation of Black voices in key decision-making processes prevents companies from reaping the benefits of a...

Blackline reveals CEO succession plan 9 Blackline reveals CEO succession plan 10
Technology19 hours ago

Blackline reveals CEO succession plan

By President & COO Marc Huffman appointed CEO as of Jan. 1st, 2021; Founder Therese Tucker to serve as executive...

From furlough to returning to work - employees are feeling insecure in their future 11 From furlough to returning to work - employees are feeling insecure in their future 12
Business19 hours ago

From furlough to returning to work – employees are feeling insecure in their future

New data looking into 6,273 employees, commissioned by Perkbox, the employee experience platform, has revealed the considerable impacts of the...

How mortgage regulations are changing globally 13 How mortgage regulations are changing globally 14
20 hours ago

How mortgage regulations are changing globally

By Globalaw members Oliver Foerster, Partner @ Huth Dietrich Hahn, Roberto Sparano, Partner @ Quorum Legal ,Paul Tully, Managing Director and Partner...

Return to work: Flexibility, preparation and communication are key 15 Return to work: Flexibility, preparation and communication are key 16
Business3 days ago

Return to work: Flexibility, preparation and communication are key

By Matt Weston, Managing Director, Robert Half UK As lockdown restrictions ease for the foreseeable future, conversations across the business...

How sustainable AI improves the triple bottom line 17 How sustainable AI improves the triple bottom line 18
Technology4 days ago

How sustainable AI improves the triple bottom line

An investment in green AI enables financial services firms to align people, profit, and planet By Nick Dale, EVP business...

The impact and implications of Covid-19 on financial reporting 19 The impact and implications of Covid-19 on financial reporting 20
Finance4 days ago

The impact and implications of Covid-19 on financial reporting

By Mark Billington, Regional Director, Greater China & South-East Asia, ICAEW The economic consequences of Covid-19 have been unprecedented, affecting...

Contis enters RBS Capability and Innovation Fund bid seeking £35 million for disruptive SME growth strategy   21 Contis enters RBS Capability and Innovation Fund bid seeking £35 million for disruptive SME growth strategy   22
Business4 days ago

Contis enters RBS Capability and Innovation Fund bid seeking £35 million for disruptive SME growth strategy  

Leading payments provider, Contis, has applied for two grants from the RBS & BCR Alternative Remedies Package, totalling £35 million.   Unlike most applicants who...

Four years of digital transformation in four weeks: UK lockdown puts pressure on brands to digitally deliver 23 Four years of digital transformation in four weeks: UK lockdown puts pressure on brands to digitally deliver 24
Business4 days ago

Four years of digital transformation in four weeks: UK lockdown puts pressure on brands to digitally deliver

Nearly a third (32%) of consumers would switch providers if a brand’s website is unavailable for more than 24 hours...