By Chris Riley, President of U.S. Operations, SSH Communications Security
The need for cybersecurity is clear and critical, yet it still meets with quiet resistance in some quarters. Why? It is notorious for interfering with the flow of business. It’s easy to view data security efforts as a cost center that slows down business and frustrates employees, users and customers alike. C-level executives need to be aware of how their organizations’ security measures affect business processes and productivity.
Cybersecurity is far too important a topic to simply assign responsibility for it to the chief security officer, chief information security officer or IT team. C-suite executives with non-technical backgrounds might see the iceberg ahead, but do they really understand the size of the problem below the surface? Failing to take responsibility here is a potentially disastrous mistake.
Security is Everyone’s Job
Demonstrating the importance of cybersecurity is a top-down affair. If executive leadership is not involved directly, it can give the impression that cybersecurity is not a number one priority; employees can do it tomorrow or whenever they have time. When the board or CEO starts asking the management team about what measures the company has in place to avoid becoming a headline, then there’s a much bigger chance of real change taking place.
If leaders don’t read the current cybersecurity atmosphere properly, they could be headed for dire consequences. The boardroom is placing the responsibility for cybersecurity squarely on the C-suite’s shoulders. As we have seen in recent headlines, a particularly bad public data breach can ruin a CEO’s career. As enterprises and government agencies are required to follow GDPR (see below) and other cybersecurity guidelines, more than just the CEO will be targeted for replacement.
The deadline is fast approaching for compliance with the General Data Protection Regulation (GDPR), which will take effect in May 2018. This regulation will have a major impact on the European Union and international companies with access to European citizens’ sensitive data. The GDPR expands the definition of sensitive data to include online identifiers, such as an IP address or cookies.
In short, organizations must account for all sensitive data and the access granted to it. If a company is found to be in violation of GDPR, it can be fined up to four percent of annual global turnover or €20 million, whichever is greater. This maximum fine is issued for the most serious infringements, such as not having sufficient customer consent to process data or violating the core of Privacy by Design concepts. There is a tiered approach to fines for lesser offenses, but the monetary amount is still painful. C-level executives can help their companies avoid that pain and brand damage by committing to taking an active role in cybersecurity.
Now is the time for executives to dive in and gain a detailed understanding of the company’s cybersecurity efforts. The following best practices are a good place to start:
- Identify the cybersecurity sand traps: Do employees work around security measures in order to access business applications more easily? Have they created a shadow IT environment of unauthorized systems and solutions for their convenience? When used properly, cybersecurity can be an enabler of new business, protecting data in the cloud and allowing the company to take advantage of the cloud’s cost-saving agility and flexibility, for example. Finding ways to minimize the risk of human error, such as automating as many security processes as possible, can also help increase business efficiency.
- Keep your eyes open: As cyber threats evolve, they require the C-suite to adopt a totally new way of thinking. Companies need to adopt practices that don’t affect their workflow and don’t disrupt the actual business in any way. Look to what universities, incubators and startups are producing, as they are the best sources for cybersecurity solutions and talent, and hire the expertise you need from that pool. Make sure your team is evolving with the threats.
- Ask and assess: Go to the knowledge base of your organization – meet with the cybersecurity team. Ask questions and assess: What are they working on? What is their security posture, and what solutions are currently in place? What is the critical business decision-making process used to determine what infrastructure MUST be secured? Where are the weak spots? How can the team see, control and maintain a more secure environment? Attend conferences and seminars to learn about what steps your peers are taking to protect their own companies. Make sure that you have knowledge of your current systems and the opportunities to improve – and as quickly as possible. Don’t wait for the next quarter or next year’s budget, because it might be too late.
- Re-focus the company culture: Create awareness across the organization of the risks and how everyone can keep the company safe. Build security hygiene and compliance into compensation and reward packages (if they aren’t already). The goal is for everyone to understand the importance of cybersecurity to the company and your customers, and to underscore the importance of cybersecurity as a personal responsibility.
Security Builds Trust
Those who put in the extra effort will be rewarded with a safer organization. Conversely, if your network gets infected and your servers go down, that downtime will have a disastrous effect on your company’s bottom line, not to mention the sustained operational costs and damage to reputation.
Without trust, businesses do not flourish or grow. Trust must be built into your company’s solutions, products and services. By leading from the top down, the C-suite can help ensure that the organization is protected appropriately while maintaining performance and ensuring that security measures do not disrupt operations in any way. Once the C-suite has established a security game plan for the organization and is confident that the team is performing on the right level, you can trust in your critical information flow and sleep better at night.
The Cybersecurity Mandate
People are reluctant to do business with or invest in companies they don’t trust. The massive breaches of the last several years shine a bright light on the topic of corporate cybersecurity, and the responsibility for it lies squarely on the shoulders of the C-suite. Executives cannot afford to ignore this foundational aspect of company success – for their own sake as well as that of their business.
Chris Riley has worked in IT and information security for more than 20 years. His experience in markets for identity assurance, data security, governance and risk management is extensive. At SSH, Chris is responsible for all U.S. business operations, including customer success and marketing. Chris is passionate about the work being done by SSH customers and associates regarding governance for trusted access and how that makes the world a safer place given the evolving threat landscape. Prior to joining SSH, Chris spent more than 10 years at RSA Security in various leadership roles around enterprise sales and customer success. Chris is a graduate of Merrimack College in North Andover, MA, where he majored in finance and minored in economics. He also holds a Master of Business Administration degree from Northeastern University in Boston.
Three questions the financial services industry must answer in 2021
Xformative, a Mastercard Start Path recipient, shares what these questions mean for fintech partners and their innovations
This year, fintechs and institutions alike pushed the limit on how fast, innovative, and digitally-savvy they could be. Buzzwords like cloud and faster payments made headlines, but 2021 will be about refining best practices and putting them into action. Xformative believes that more industries should benefit from digital payments and that it’s not just about faster payments, but the option to offer multiple methods.
- Which industries are lagging in the digital payments space and why? The pandemic forced financial institutions and their partners to move digital transformation into a new phase of maturity. But this doesn’t mean every industry has transformed, there are still laggards. According to a survey of more than 1,400 American freelancers and contractors, conducted by Bill.com, more than half said they were still receiving their money in the form of a physical check. Checks still exist in spaces like Property and Casualty, though we did see some reassuring industry changes this year. The year ahead will require businesses to offer more payments flexibility outside of physical checks to meet the payment needs of their gig workers, freelancers, and contractors. Businesses will rely on technology partners to bring them up to speed and simplify the payments process.
- How can fintechs overcome the challenges of building in the cloud? Most businesses want to architect using a select cloud provider, or at least offer cloud-based services, to remain competitive in today’s fast-paced, disruptive landscape. There are assumptions that cloud architecture will inherently be less expensive to operate than legacy mainframe systems, but for many, these assumptions have turned upside down when developers fail to understand cloud cost optimization principles. As fintechs look to build in the cloud, they should ensure their technology is highly optimized, only leveraging real-time capabilities and transactions when required. Responsible fintechs should focus on balancing customer experience and economics with a mix of batch and real-time capabilities, constantly asking themselves, “is real-time the best choice?” Just because real-time can be offered doesn’t mean it should, and 2021 will be about drawing the line between utilization and optimization.
- Why is offering more payment choices important? Emerging faster payments are working in parallel, not as a replacement for other methods. People want options to be able to pay however they like, whether it’s with Zelle, Venmo, Apple Pay, or traditional methods like cash or card, and financial institutions need to be prepared to meet this demand. The card that consumers once kept in their wallet was a key component of the bank’s and/or program manager’s brand value, as well as potentially communicating the cardholder’s lifestyle and socioeconomic status. 2021 will reinforce the value of financial institutions having partnerships with fintechs who can help them evolve their brand value to include the broad scope of emerging payments.
It’s time fintechs and institutions partner to digitize payments and offer choices. 2021 is about building smart and partnering for capabilities that can open the door to new opportunities at a financial institution.
2020: The paradoxical year that has reshaped the future of motor insurance and related sectors
By Alan Inskip, Tempcover CEO & Founder
There’s no doubt that 2020 will be remembered as the year that changed the world. Whether that overall change was for the better or for the worse is a matter of perspective. One thing is for certain, 2020 has been the year of immense innovation and adaptability in the face of seemingly insurmountable adversity caused by the COVID-19 pandemic. In this piece, I’ll touch on some of the greatest challenges that could have had a potentially crippling effect on the economy but instead were overcome and ultimately paved the way for increased resilience and innovation.
Public transport shunned in favour of private vehicles, but driving patterns dramatically shift
With ten months of varying national and regional lockdown restrictions, passenger numbers on public transport have plummeted as many people continue to work remotely, and with most opting for the safety of travelling by private vehicle when they do need to get out and about. But because of restrictive travel measures, motorists have been using their vehicles far less frequently.
This posed a major challenge for traditional motor insurers that were not able to swiftly adapt to this change, with many coming under fire for failing to adjust annual premiums in line with new driver trends. As motorists became increasingly frustrated having to pay the same premiums or sometimes even more despite their vehicle usage being substantially minimised, the relatively new and still largely unfamiliar InsurTech industry was able to rise to the occasion.
In short, InsurTech involves the utilisation of the latest technological innovations such as data analysis, cloud computing, artificial intelligence and machine learning to enable insurance products to become more agile and flexible in line with modern consumer demand – all while remaining price competitive.
Being fully-digital and technology-driven, InsurTechs demonstrated the flexibility and agility that enabled them to adapt to the huge shift in customer demand and step change in how insurance is purchased and consumed. They did this by offering an entirely digital user experience in near real-time, with temporary policies tailored to the time actually needed – anywhere from 1 hour to 28 days.
In a time of furlough and economic uncertainty, this meant that many motorists who were not using their vehicles regularly did not have to take drastic action like declaring their vehicle SORN to achieve short-term financial relief. Nor did they have to risk driving uninsured or committing to an annual policy that they could ill afford at the time.
The rise of the digital dealership offering temporary insurance as part of the purchase journey
In the automotive retail market, dealerships were forced to make drastic changes to their operating models to comply with social distancing guidelines. Showroom footfall and subsequent sales initially plummeted. But in the face of this immense adversity, we witnessed the rise of the digital dealership, a concept that would have been unfathomable even just a year ago.
Cazoo was the first fully-digital platform to enter the vehicle dealership market in late 2019, and there has also been significant investment this year in new entrants such as Cinch and Carwow. Traditional dealerships such as Arnold Clark, Cargiant and Motorpoint have extended the digital aspects of their purchase journeys with services including home delivery and Click and Collect as alternative options to the full show room experience.
InsurTech has been instrumental in ensuring that car insurance supports this shift to digital, as several national blue-chip dealerships, with both physical and digital showroom floors, now offer temporary driveaway insurance policies that cover the vehicle for a fixed-term, usually between five to seven days.
The entirely online one-step user experience is the first of its kind in the traditionally outdated and inflexible driveaway insurance industry and it is dramatically simplifying the process of how insurance is purchased and consumed. Due to the flexibility and agility of the digital solution, each retailer has its own unique URL, where the customer can obtain a simple single-cost policy in just 90 seconds through an entirely digital process, which fits in line with the evolving consumer purchase trends.
This takes the stress out of searching for annual insurance on the spot and provides the driver with near instant cover so that they can immediately drive their new car while giving them the opportunity to thoroughly research the best annual policy to suit their needs. It’s also an ideal solution while the car is under its money-back warranty, as the driver does not have to commit to an annual policy on a car that might be returned. Another benefit is there’s no risk to any existing No Claims Discount, as it’s a separate and standalone policy.
Declining brand loyalty and a demand for a more personalised and convenient user experience
Insurance has an unenviable reputation for being inflexible and even unwilling to adapt to shifting consumer trends – making it confusing for most customers. Even pre-COVID, there was a clear trend that brand loyalty was in decline, as modern day consumers are no longer prepared to remain blindly loyal to any company for a long-term period. Instead, they will reward businesses that offer a simple and convenient user experience at best value. COVID accelerated this trend and many large insurers have struggled to adapt accordingly.
Conversely, this has enabled InsurTech to thrive, as the products and user journeys are developed with direct input from customers to ensure that they are receiving a straightforward and fit-for-purpose solution that best fits their needs and requirements. Just some examples of this are simplified terms and conditions, near-instant and paperless policy documentation via the web or dedicated app, and data-driven customer engagement initiatives that offer personalised discounts and communication via email and text messaging. The end result is a user experience that is easier, more convenient and better value for potential consumers in the market.
Cautiously optimistic (if somewhat uncertain) future
Even in the most stable periods, it’s a challenge to accurately predict future market trends. And with 2020 completely rewriting the rulebook on how business is conducted, it would be remiss of me to make outright predictions. One thing is for certain, the days of slow, inflexible and costly motor insurance are numbered. It is important to note that this doesn’t mean that InsurTech is gaining the upper hand at the expense of the traditional insurers in a bid to replace them.
Instead it is there to fill a gap and act as a complementary add-on to provide the best possible value to the consumer. Industry players that enter new collaborative partnerships will dramatically improve the consumer experience, leading to new business wins and return custom, which ultimately impacts positively on the bottom line. But those that fail to adapt will be left behind.
I believe that we can look forward to a futuristic economy in 2021, where ground breaking technology continues to advance at an unprecedented rate to adapt to rapidly evolving consumer lifestyles and subsequent purchasing habits. The real winner will be the consumer and that is in everyone’s best interest.
Leadership and management in a WFH world
By Carolyn Moore, SVP of People at Auth0
Although many of us will have settled into some kind of groove, having worked away from the office for the best part of a year, there are still numerous challenges that businesses and their workforces face in this new reality.
One particularly pertinent challenge is the one faced by people managers, especially those managing virtually for the first time. How can you ensure productivity from those in your charge when you don’t have direct oversight? How do you have those more difficult conversations over a video call? Some of your team may be handling remote working better than others, so how differently should you be handling them day-to-day?
For the majority of businesses these will be questions they’re still grappling with. When the pandemic hit, we happened to be in the fortunate position of being a remote-first business, where 60% of our nearly 700 employees were already working from home. As a result, the uptick to 100% was far less taxing for us. In seven years of working from home, we’ve learned a lot about managing teams remotely, a few of which may help leaders who are still navigating the transition.
Keeping communication channels open to build trust
Leading a remote team is wholly different to the usual, in-office set up. Strict hierarchy, and any notion of presenteeism do not translate well into the remote working environment. You have to accept that your employees’ domestic life will necessarily overlap with their professional one.
Leading a virtual team requires trust and a philosophy of work based on results, and managers need to learn to give them more freedom to do work on their own terms, as long as they produce the intended results.
Building trust is best managed with regular communication. Frequent written communications from leaders regarding strategy, objectives, and organisational learning is crucial. It’s natural when working remotely for team members to isolate themselves and get wrapped up in their own workload. Managers need to help their teams understand how their work impacts on the broader corporate objectives. At Auth0, we adopted and adapted a technique created by Google called ‘Objectives and Key Results’ (OKRs) to enable this.
Now more than ever, make it a priority to regularly check in with your employees and always be up to date and aware of what their needs are. One of the first initiatives we kicked off in an effort to do so was our Slack ‘Coronabot’. This is a tool we integrated with our main form of communication that allows employees to self-identify if their work capacity was impacted by the pandemic. Another way that we tried to better understand the concerns and needs of our employees was holding listening sessions. From these listening sessions, we’ve rolled out a couple of initiatives to combat burnout, including Slack-free weekends and no internal meeting Fridays.
Make flexibility a priority
As the worlds of home life and work life collide, the traditional ‘9 to 5’ workday needs to evolve. Leaders need to encourage their team to devise their own schedules and complete work at those times when they’re most productive.
If in doubt, ask your employees how best you can help and trust that their answers will be honest. In our own experience we saw a need for a different approach when it came to supporting our employees who are caregivers. With childcare much less accessible, caregivers are doing double duty. We rolled out a survey to these individuals to hear directly how best we could support them and used the feedback to plan future programmes and supports.
We have encouraged these employees to take advantage of flexible working hours, should they need to adjust due to the pandemic, and are using tools like Clockwise or Slack that allow our employees to set their working hours and snooze notifications when they’re offline. This alleviates the pressure to respond, and we’ve found employees are actually happier and more productive this way, especially if you have a team spread across several time zones.
Put your culture front and centre
When you work remotely interactions between management and staff become increasingly transactional. Leaders need to avoid making decrees without explaining the reasoning behind them, and the thought process that led to them. Failure to do so can create a secondary culture within the workforce composed of rumours and hearsay, which can lead to mistrust.
Leaders therefore need to firstly be clear in the reasoning for their decisions, but also explicit about the culture they want to create. Your corporate culture must be written down and communicated frequently so employees can use them to guide their everyday work.
This is particularly beneficial for multinational companies spread across geographies and timezones and encompassing multiple cultures. Whether your teams are based in Singapore or San Francisco, they all have a code of conduct to adhere to This is crucial for dealing with conflict in a productive way and creating teams that collaborate and respect each other.
Create virtual spaces to socialise
Leaders mustn’t forget the more pastoral benefits of the workspace. Spontaneous water-cooler chats may seem trite, but they’re an essential means of colleagues building rapport and learning about one another’s lives outside of work.
Socialising should not disappear when you transition to remote work. That would be bad for business, productivity, and employee wellbeing. Instead, I would encourage you to get creative and use different functionalities of the collaboration tools you’re probably using daily. We use Donut within our Slack channels, that randomly pairs three employees together and schedules them for a meeting. The intention is to bring employees together that otherwise may never interact and have them connect on topics beyond the workplace, such as life, family, etc. Donut has been a fantastic aid in keeping our distributed workforce feeling connected. We’ve also utilised the results of both our semi-annual engagement survey and more frequent pulse surveys to give us insight into how effective these engagement programmes have been and where we could tweak them to make them even better.
Don’t neglect security
Security should always be a top priority, especially especially as people are logging into more services remotely. Your business’ IT and Security teams should have set up multi-factor authentication as the minimum standard. As new apps are connected to better enable any of the measures described above, your IT teams and managers should also be educating their teams about the access third-party providers have to their data.
Managers have a crucial role to play as evangelists of security best practice. They should be monitoring whether their teams are completing their security awareness training and, if new apps or technology are being introduced, ensuring that the appropriate channels are open for them to ask questions. The pandemic has been a lucrative time for cybercriminals, who have taken advantage of some lapses in security best practice. Ensuring security is everyone’s business, but it starts from the top.
Building for the future
For many businesses the move to remote working will have been, and is continuing to be, a difficult transition. Admittedly, remote work is not a perfect substitute for personal communication. When circumstances allow, we would recommend managers meet with their teams in-person at least once a year. managers meet with their teams at least once a year.
However, even whilst the pandemic still hampers our ability to travel and meet face to face, it is still possible to have a distributed team that is productive, collaborative, and happy. If leaders take the time and make the effort to foster a culture built on trust, it will open up opportunities for you in the long-term, no matter what that future may be.
The Coming AI Revolution
By H.P Bunaes, CEO and founder of AI Powered Banking. There is a revolution in AI coming and it’s going...
Q&A with Joe Steele, Head of Workplace Technology at Starling Bank
In just under a year, many businesses had no choice but to go online and with digital transformation on the rise...
How financial services organisations are using data to underpin future growth
By John O’Keeffe, Director of Looker EMEA at Google Cloud In addition to the turmoil caused by the COVID-19 pandemic, a...
Three questions the financial services industry must answer in 2021
Xformative, a Mastercard Start Path recipient, shares what these questions mean for fintech partners and their innovations This year, fintechs...
A quarter of banking customers noted an improvement in customer service over lockdown, research shows
SAS research reveals that banks offered an improved customer experience during lockdown A quarter (27%) of banking customers noted an...
Is Digital Transformation the Key to Business Survival in the New World?
After a turbulent year, enterprises are returning to the prospect of a new world following an unprecedented pandemic. Around the...
Virtual communications: How to handle difficult workplace conversations online
Have potentially difficult conversation at work, like discussing a pay rise, explaining deadline delays or going through performance reviews are...
Black Friday payment data reveals rapid growth of ‘pay later’ methods like Klarna
Payment processor Mollie reveals the most popular payment methods for Black Friday Mollie, one of the fastest-growing payment service providers,...
Brand guidelines: the antidote to your business’ identity crisis
By Andrew Johnson, Creative Director and Co-Founder. How well do you really know your business? Do you know which derivative of your...
COVID-19 creates long and winding road for startups seeking investment
By Jayne Chan, Head of StartmeupHK, Invest Hong Kong Countless technology and other companies describe themselves as innovators, disruptors or...