Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Top Stories

Financial services need to become data fortresses: robust and secure
Financial services need to become data fortresses: robust and secure

Published : , on

By Stuart Reed, VP of Products,Nominet

Like many industries, finance is well aware of the need to maximise the returns presented by digital.  However, financial institutions are tackling digital transformation at a pace and scale not common across other sectors. The question is, is this at the expense of security?

To explore this, Nominet recently commissioned a survey of CISOs, CTOs and CIOs at financial services providers across the UK and US, looking at the intersection of digital transformation and cyber security. It sought to explore how banks can manage third party risk, innovate, and meet evolving customer expectations while mitigating their exposure to cyber-attacks.

An appetite not to be left behind

Traditional banks have become increasingly vulnerable, juggling a myriad of challenges. Often they are having to reinvent themselves and come up with new and innovative ways to ride the wave of disruption. Mobile technologies, cloud platforms, and big data are just some examples of next generation technologies bolstering the capability of financial services institutions to improve cost efficiencies and remain relevant in today’s digital age.

Customer banking habits have shifted to expect an “always on” and “always connected” experience, and banks are aligning their services with these expectations.  According to the report, around half (49%) were implementing digital transformation programmes to keep pace with evolving customer behaviours and preferences.

But, while digital transformation might be seen as the answer to securing a bank’s future, the evolving cyber landscape means that many may be compromising themselves in the hunt to become more innovative.

Financial services institutions are in a constant battle to arm themselves against the threat of attackers trying to breach their networks and siphon off high-value data. With the majority of customers managing their finance online 24/7, a bank’s IT network is a treasure trove, hugely attractive to cyber-criminals.

Awareness of this is not lacking.  In Nominet’s survey, many were mindful of the risk exposure such digital programmes could have on their business, with about half (48%) claiming a threat to cyber security was the single biggest risk by its implementation. Over half of correspondents (53%) were equally, if not more, concerned about the increased attack surface presented by digital transformation, which now extends beyond the four walls of a bank branch.  The majority (64%) are also worried about the exposure of customer data.

A complex environment of incidents and regulation

Incidents match this increased concern. In the last year in the UK, financial services firms reported a 1000 percent increase in incidents to the Financial Conduct Authority (FCA).[i] According to the FCA, 21 percent of these were triggered by third-party failure, 19 percent from hardware or software issues, and 18 percent were caused by a change in management.[ii]

The regulatory burden is also growing for financial services firms.  On the other side of the Atlantic, many regulators believe that hackers now pose the greatest risk to the US financial system. In response, they have considered pooling resources to assess the cyber defences of America’s top banks.

In the UK, GDPR has drastically increased potential penalties on companies found to mismanage customer data. 47 percent of respondents cited compliance with new regulations as a driver for digital transformation to modernise their processes and operations.

A matter of timing

The reality is that, despite the rise in UK financial services firms falling prey to cyber breaches, businesses are failing to build security into digital transformation initiatives from the outset. Only around two in five admitted considering security, with one in five either leaving it to the pre-implementation or implementation stages. Worryingly, one in ten admitted to putting it off until their transformation was actually underway, and a handful confessed to giving cyber security no thought at all.

The majority of financial institutions are now opting to outsource essential back-office processes to simplify and streamline operations. 82 percent of financial services providers outsourced their digital transformation efforts, for example. But, while using third-party vendors boosts in-house capabilities and adds value in terms of domain knowledge and technical expertise, it also heightens the exposure to risk. It doesn’t matter if a third party is to blame for the misuse of data; under GDPR the company itself is responsible for the data. It’s therefore important to strike a balance and look at the digital transformation strategy through a lens of cyber to mitigate the misuse of data or a breach in the network.

As banks become more forward-thinking and innovate for the future, they must also keep a watchful eye on the present.  Security teams need to be deeply embedded in all digital transformation initiatives from the very start.  It should not be a question of securing infrastructure once a project has gone live, rather building in security from the outset as part of the planning phase. Without this, digital transformation will always present as many risks as it does opportunities.

Control vs visibility

Furthermore, whilst embracing cloud based models inevitably means relinquishing a level of control to a third party, it is essential to recognise that the responsibility of data still remains.  As such, understanding where that data is, how it is accessed, who can access it and ensuring interactions are both expected and legitimate are crucial.  Arguably having visibility across the network (be it on premises, in the cloud or a mixture of both) is more important than ever before.  The common denominator linking networks regardless of complexity is the Domain Name System (DNS).  DNS based traffic flows between network in all organisations and therefore if utilised as part of the security stack can provide valuable information regarding malicious and suspicious behaviours along with identifying data theft through DNS “tunnelling”.  Having visibility and actionable intelligence at this layer provides the holistic view often missing at the network level and can help security teams reduce their digital attack surface and quickly respond to an identified breach before it causes harm.

 [i]https://www.bbc.co.uk/news/technology-48841809

[ii]https://www.forbes.com/sites/soorajshah/2019/07/01/finance-firms-reported-staggering-819-cyber-incidents-in-2018–12-times-more-than-2017/

Uma Rajagopal has been managing the posting of content for multiple platforms since 2021, including Global Banking & Finance Review, Asset Digest, Biz Dispatch, Blockchain Tribune, Business Express, Brands Journal, Companies Digest, Economy Standard, Entrepreneur Tribune, Finance Digest, Fintech Herald, Global Islamic Finance Magazine, International Releases, Online World News, Luxury Adviser, Palmbay Herald, Startup Observer, Technology Dispatch, Trading Herald, and Wealth Tribune. Her role ensures that content is published accurately and efficiently across these diverse publications.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post