Every company operates in the digital world. Some like Deutsche Telekom also help form that world. In the third interview in the series “Digital Risks”, Thomas Tschersich, head of Group IT Security at Deutsche Telekom, discusses IT risk management. Tschersich is also giving a lecture together with Jörg Schönenborn, who heads corporate and commercial insurance at Deutsche Telekom, at the expert event “Digital Environments” organized by Allianz Global Corporate & Specialty
What place do IT risks have in your general risk landscape?
Thomas Tschersich: We consider IT risks to be an equally important component of our general risk environment. So what can you do to manage those risks? At Deutsche Telekom, when we begin a development phase – no matter if it’s for a product or an IT system – we include a security review that is observed just as rigorously as the other technical design requirements. We accompany the entire development process with our security and data protection considerations. At the end we do “digital crash tests”, safety assessments designed to reconfirm our target security level.
How important is IT security for the reputation of a company like Deutsche Telekom?
Tschersich: Essential. As a service provider, IT security is the foundation for the trust our customers put in us. From our perspective, without the appropriate IT security features, no business model is going to be successful in the internet world. Customers entrust us with their data, and they communicate using our networks. They need to assume that their data is going to be safe – and rightly so.
Thomas Tschersich: “We consider IT risks to be an equally important component of our general risk environment”
How do you “translate” IT risks so that your managers or at least your risk managers understand them?
Tschersich: There is always the danger of describing technical risks too technically. We try to solve this problem through catalogues that define easy-to-understand standards for these security features. The catalogues clearly show how not meeting a specific requirement will leave open a specific risk. Thus, for example, if I don’t include a user verification function in a system, this will result in the risk of the unauthorized use of this system.
We have defined about 20 standardized risks that all of our technical security features are designed to support. At the end of an analysis we will then have a list of standard risks that we can take to management and say if a system is sufficiently secure against unauthorized use. By making this a standard part of the development process, we create transparency and ensure a high level of security.
What can you say about the general approach to the prevention of IT risks at your company?
Tschersich: Prevention consists of three-parts: development, operation and disposal. As already discussed, you need to include IT security during the development process. Take the example of a car manufacturer. They can’t install breaks in a car after it’s left production. Then there’s the operation phase: just like you take your car to the shop for regular inspections, your IT system needs regular maintenance. And, to complete the car metaphor, at the end of it’s useful life, you need to dispose of it properly, which in the IT world means especially the thorough destruction of all data storage devices. A lot of the big IT attacks you read about these days are due to poorly configured systems. They would have been avoidable if people had just done the basics.
So it would have indeed been possible to prevent most of those losses?
Tschersich: Absolutely. But there’s something else: the antivirus industry discovers 50,000 to 60,000 new viruses every day – not all of them brand new, but still there is no longer anyone capable of analyzing them all and adapting their antivirus products to them. That doesn’t mean that you can do without antivirus programs, but we do need new concepts to deal with this many dangers.
What do you pay attention to most of all in your IT risk management? What is the largest potential threat? Cyber attacks? Human error?
Tschersich: It’s difficult to compare. Human error often opens the door for successful cyber attacks. Really, the most important means against attackers is well-trained IT personnel. The IT administrator is often regarded as a low-cost employee. But the fate of the company’s security lies in that very person’s hands. Nevertheless the job is usually located at the very bottom of the pay scale. I think that’s a grossly negligent mistake. It practically provokes human error. This is one of the most underestimated risks in today’s IT world.
And where do you see the biggest technical issues?
Tschersich: In addition to poor system monitoring and maintenance, definitely the accumulation of authorizations. You need to separate critical system components. Say you have an online shop and put your ordering functions, payment system and customer data all on the same server instead of separating them. If someone hacks into one of the systems, he has access to all three areas.
And when you look into the future, what trends to you see emerging in IT security?
Tschersich: On the attack side there’s definitely the issue of targeted attacks like Stuxnet. The second issue I see arising is the increasing professionalization of attacks. In particular you see what are called “Advanced Persistent Attacks”: attacks over a long period of time with a lot of energy behind them, not a bulldozer through the front door but rather lots and lots of little steps to infiltrate an IT structure. In the technology area, I think we’re going to experience a renaissance of digital rights management. Rather than putting the emphasis on protecting the device, it would be the specific data files that are protected.
The statements contained herein may include statements of future expectations and other forward-looking statements that are based on management’s current views and assumptions and involve known and unknown risks and uncertain-ties that could cause actual results, performance or events to differ materially from those expressed or implied in such statements. In addition to statements which are forward-looking by reason of context, the words “may”, “will”, “should”, “expects”, “plans”, “intends”, “anticipates”, “believes”, “estimates”, “predicts”, “potential”, or “continue” and similar expressions identify forward-looking statements.
Actual results, performance or events may differ materially from those in such statements due to, without limitation, (i) general economic conditions, including in particular economic conditions in the Allianz Groups core business and core markets, (ii) performance of financial markets, including emerging markets, and including market volatility, liquidity and credit events (iii) the frequency and severity of insured loss events, including from natural catastrophes and including the development of loss expenses, (iv) mortality and morbidity levels and trends, (v) persistency levels, (vi) the extent of credit defaults, (vii) interest rate levels, (viii) currency exchange rates including the Euro/U.S. Dollar exchange rate, (ix) changing levels of competition, (x) changes in laws and regulations, including monetary convergence and the European Monetary Union, (xi) changes in the policies of central banks and/or foreign governments, (xii) the impact of acquisitions, including related integration issues, (xiii) reorganization measures, and (xiv) general competitive factors, in each case on a local, regional, national and/or global basis. Many of these factors may be more likely to occur, or more pronounced, as a result of terrorist activities and their consequences. The company assumes no obligation to update any forward-looking statement.
No duty to update
The company assumes no obligation to update any information contained herein.
Round Table Feature – Attracting FDI at times of crisis
In recent years the growth of Northern Ireland’s financial services sector has been fuelled by an unbeatable combination of world-class talent, highly competitive operating costs and research excellence in a low-risk, pro-business environment.
Of course, like many economies across the globe, the COVID-19 pandemic has had an impact on Northern Ireland’s communities and many of its businesses. But, thanks to this quality combination, the sector has demonstrated remarkable resilience and continued to thrive, leading to sustained job creation and high-profile customer wins from some of its leading players, including Allstate, Citi and Aflec.
To examine the patterns behind this continued growth in the face of adversity, we recently hosted a ‘virtual roundtable’ with senior figures from established businesses across Northern Ireland’s financial services sector alongside the nation’s fintech envoy, Andrew Jenkins and Invest Northern Ireland’s Steve Harper.
Here, our panel explored the market qualities investing financial services companies look for and discussed the elements they believe a business should invest in to build resilience and as an in-market team during challenging times.
Meet the panel
John Healy – Vice President & Managing Director, Allstate Northern Ireland: John leads Allstate NI’s team of 2,200 experts. He has 25 years’ experience in technology, predominantly in the financial services domain. He has extensive experience at leading global teams, developing strategy and delivering solutions to address business and technology issues.
Keith Farley – Managing Director, Aflac Northern Ireland Ltd: Keith is responsible for setting up Aflac’s European Centre of Excellence. He has relocated to Belfast, UK and is creating a new organization that will offer both software development and cyber security solutions. With a goal of growing from 0 to 150 professionals in a few years, this team will be a critical part of Aflac’s global digital strategy.
Leigh Meyer – Head of Global FX/MM & EMEA Markets Operations Belfast Site Head Citibank: Leigh has worked for Citi for 22 years, covering a number of products from derivatives to FX. He is also the Northern Ireland Chair for TheCityUK, a private-sector membership body and industry advocacy group promoting the financial and related professional services industry of the United Kingdom.
Darragh McCarthey –Founder and CEO, FinTrU. In 2013, after many years in the banking industry in London, New York and Frankfurt, Darragh founded FinTrU in Belfast having recognised the increased demand from global investment banks for high-quality resources to navigate the ever-increasing regulatory landscape. The company employs over 600 people in Belfast and Derry-Londonderry.
Steve Harper, Executive Director International Invest Northern Ireland Steve’s role at Invest NI, the region’s main development organisation, is to promote trade and inward investment into the area.
What has been your experience as a financial services business operating in Northern Ireland during COVID-19?
Leigh Meyer, Citi NI: As a global company we have been fortunate to have the technology infrastructure to move almost our entire workforce to work from home successfully with little change to our day to day operations. In Northern Ireland, this means we continue to hire, and have successfully on boarded 172 new employees to Citi Belfast virtually over the last four months. The result has been that our client support was largely uninterrupted and continued to give our fullest care and attention in very tough times.
Keith Farley, Aflac NI: As a technology company, we have been very fortunate to have 100% of staff work remotely with minimal disruption. We were also able to continue hiring during the pandemic – more than doubling the size of our team from 19 employees in March to 50 in August.
Darragh McCarthy FinTrU: Likewise. We made the decision in early March to facilitate 100% of our employees to begin working from home. The infrastructure in Northern Ireland has allowed us to manage this transition smoothly and maintain our productivity with client delivery.
What initially attracted you to Northern Ireland as a destination for your business?
Keith Farley, Aflac NI: We were attracted to Northern Ireland for many reasons, but it really boiled down to three words we have painted on our wall: Resilient, Reinventive and Adaptable. While these words reference the long history Belfast and the nation have in agility, they were proven once again proven during this pandemic.
John Healy OBE, Allstate NI: The availability of skilled technologists was the main reason for setting up an off-shore location in Northern Ireland over 20 years ago. The original plan was to create a workforce of 200 but the quality of the people and skills available has meant that we have grown to a multi-site operation with 2,400 employees in Belfast and the North West.
Leigh Meyer, Citi NI: Put simply, its value proposition. Northern Ireland offers skilled people, competitive costs, great infrastructure and high standard of living, all with close proximity to London, the European, Middle East and Africa region. The nation also benefits from a central time zone ideal for supporting Asia, North and South America.
Darragh McCarthy, FinTrU: In Northern Ireland, there is an incredible opportunity to partner with leading academic institutions including Queen’s University Belfast, Ulster University, Belfast Metropolitan College and North West Regional College.
FinTrU has undoubtedly benefited from these mutual partnerships with our Financial Services and Legal Academies providing local graduates with the opportunity to work on the global stage with the largest Investment Banks in the world.
How can regions support businesses to be more resilient during crises like the pandemic?
Leigh Meyer, Citi NI: Regions can help ensure that the infrastructure is robust, scalable and fit for purpose – this applies to both physical and technical infrastructure. It is also essential that policy makers give clear guidance on what health and safety measures they require, to boost the confidence of people travelling to and from work and in their everyday lives.
Keith Farley, Aflac NI: We believe that investments in infrastructure continue to be critical, especially urban and rural internet connectivity as we shift to more flexible work environments.
Darragh McCarthy, FinTrU: In terms of the Financial Services industry, I feel crisis management and leadership is crucial. Having a clear strategy in place from the top can help alleviate the anxieties that others will face during a period of crisis. Regions can help businesses to be further resilient through investment in appropriate infrastructure to allow for the transition from office to homeworking in all areas across Northern Ireland.
What have external organisations (like Invest NI) been able to offer in terms of support?
Keith Farley, Aflac NI: Invest NI has been a great partner in introducing us to the region and the opportunities that exist here to hire world-class technology talent in a business-friendly environment.
Leigh Meyer, Citi NI: We have been in touch with our Client Manager throughout the pandemic. Invest NI has supported Citi from 2005, starting with the initial inward investment feasibility study and financial assistance to help expand the workforce in Belfast and training and development costs. We are also engaged with the NI Chamber of Commerce, CBI NI, Belfast City Council and universities and schools for exchange of ideas, support, driving the business agenda for the country.
Steve Harper, Invest Northern Ireland: We have worked hard to ensure that all businesses benefit from being part of Northern Ireland’s diverse economy, embedded resilience and agility. Even during the height of the pandemic, we were able to work closely with the Department of Finance and the Business Services Organisation to help match NI companies with government calls for much needed medical equipment and PPE. We received over 300 offers from businesses who expressed interest in supporting the fight against COVID-19 by developing prototypes and products for testing to ensure they comply with regulations. Many then went on to receive orders for PPE, ventilators, testing and sanitiser.
Darragh McCarthy, FinTrU: We made the decision to not avail of any COVID-19 Governmental sponsored support initiatives or furlough any employees due to our ongoing growth. However, the resources provided by Invest NI such as the ‘Recover’ support which include ‘HR advice to build skills’, ‘Build resilience through leadership capability’, ‘Invest in ICT solutions and technologies’ and ‘Operation excellence to adapt to COVID-19’ demonstrates its commitment to the companies that have invested in Northern Ireland.
Coming out of the COVID-19 pandemic, what do you think are the challenges and opportunities facing the financial services sector?
Keith Farley, Aflac NI: We are going to need to work together with employees to ensure they feel safe traveling to work, knowing that their safety is a priority, but also that people want to return to a city that is open for business. We also need to learn from the pandemic to make our work environment safer, more inclusive and flexible. As a community, we recognised the impact we have on each other, as well as the importance of human interaction. We should not take that for granted again.
Steve Harper, Invest Northern Ireland: The resilience and agility demonstrated by businesses in the local financial services sector – and beyond – throughout the crisis really sets our region apart as a positive force and a lucrative location for business. This couldn’t have been achieved without its diverse business landscape, supportive environment, and of course, its excellent calibre of people. As we move forward, I strongly believe that this experience has unleashed a renewed sense of purpose and a collaborative and enterprising spirit that will serve us well as we recover and look forward – and these are qualities that this new world absolutely needs.
Darragh McCarthy, FinTrU: Social distancing and remote working from home can leave people feeling isolated, especially those who are away from their families. At FinTrU, we invest heavily in our company culture and pay careful attention to ensure that it is not lost whilst we are working away from the office. It is important for businesses to consider the challenges faced by their people and to have empathy towards situations that may be experienced by others.
What do you think financial services organisations will look for going forward, when it comes to investing in new markets?
John Healy, Allstate NI: The financial services industry has seen dramatic technology-led changes over the past few years. Many have looked to improve efficiency and implement game-changing innovation, while seeking ways to lower costs. Meanwhile, Fintech start-ups are disrupting established markets, leading with customer-centric solutions developed from the ground up. To best serve our industry, markets will need highly skilled technologists in a range of areas: Blockchain, Robotics, AI, Cloud and Cyber Security, to name but a few. There must be collaboration between government, education and industry to prepare and sustain the skills that are required now and in the future.
Steve Harper, Invest Northern Ireland: Quality digital connectivity has proven essential during the crisis, and, as our lives move increasingly online, for these organisations it will become as critical to economic sustainability and growth as water and electricity are to our everyday lives today. Wherever you go around the world, those places that have invested in solid digital foundations have, in most cases, proven to be the most resilient. This is because digital services and solutions underpin innovation and productivity, as well as businesses’ ability to scale.
Leigh Meyer, Citi NI: Finance businesses value the ability to relocate staff effectively, source new talent and offer rewarding careers. We look closely at the broader legal, regulatory and tax regime. The UK’s operating environment needs to remain competitive, not least as the Brexit transition phase comes to an end. A robust infrastructure is also important, particularity digital/tech infrastructure in this current climate as we evolve our methods of training our employees to virtual.
Darragh McCarthy, FinTrU: Without the correct infrastructure, it would not have been possible for businesses such as FinTrU to adapt to a situation like COVID-19. This robust connectivity and investment in technology will be a very important consideration for any company when investing in a new market. However, risk and cybersecurity represent an important area for Financial Services organisations to consider. This industry is more reliant than ever on technology, and a lack of risk management or compliance can cost an organisation greatly.
Finally, I feel the most important consideration for a company when it comes to investing in a new market is the people. The talented workforce will make up your organisation in terms of the client delivery as well as shaping the company culture.
Is the upskilling of compliance teams in financial services the key to delivering fast and effective identity verification?
By Charlie Roberts, Head of Business Development, UK, Ireland & EU at IDnow
With the global pandemic driving the world’s population online, identity fraud is becoming increasingly attractive to criminals. In 2019, even before COVID-19 struck, the UK fraud prevention service – Cifas – recorded in excess of 223,000 cases on its National Fraud Database, an increase of 18 percent on the previous year and a 32 percent rise over the previous five years. And looking ahead, experts predict that by 2021, the damage caused by internet fraud will reach $6 trillion, making cyber fraud one of the world’s fastest growing and most dangerous economic crimes.
Of particular concern for the financial services sector, is IBM’s recent report which revealed that in 2019, it was the most targeted industry for cyber criminals.
As a result, perhaps unsurprisingly, financial institutions are increasingly being thrust into the spotlight when it comes to digital security and protecting the identities of their customers.
These worrying figures are certainly one driving factor in the UK government’s new Digital Identity Strategy Board, which has developed six principles to strengthen digital identity delivery and policy in the country.
So how can financial institutions tackle the growing problem of cyber crime? We caught up with Charlie Roberts, Head of Business Development UK&I at IDnow, to talk about the importance of upskilling inhouse teams in a bid to deliver fast and effective identity verification.
What is the benefit of taking a hybrid approach to identity verification?
We already know the important role technology is playing in the fight against cyber criminality – from biometrics and machine learning to artificial intelligence (AI) – and we recently discussed the significance of supplementing this verification technology with human identification experts. These professionals are able to use their intuition and understanding of human interactions and behaviours to identify when a person is being coerced or dishonest.
However, while these highly skilled and trained identification specialists are playing a vital role in the fight against cyber and identity crime, for some financial institutions, particularly larger banks, they present a barrier.
How will owning the entire verification process benefit financial institutions?
Working on a SaaS basis, typically, identity software vendors provide financial institutions with the software and technology required for identity verification however, the final decision on verification rests with the vendor’s algorithms or ident specialists.
However, many banks want to own the entire verification process, from utilising the technology and software to making the ultimate decision on the identity of a person. By handing this level of control over to the bank, institutions can integrate the verification systems within their own infrastructure, enabling the people that know their brand the best to set their own levels of security and determine what is authenticated and what is declined.
Why should banks consider upskilling inhouse compliance teams?
While working with a third-party verification specialist is the preferred option for some, for others, the idea of upskilling and training existing compliance teams in identity verification is the priority, empowering the bank to own the process and the risk. Long term, it will also provide significant cost savings while showcasing a major investment in talent and people, which will undoubtedly help attract and retain customers too.
Is the time right to invest in inhouse identity verification systems?
With the UK seeking to develop a legal framework for digital identity, it is clearly becoming an increasingly important feature on the governmental agenda, not least to ensure that not only can people feel safe online, but also to deliver faster transactions and ultimately add billions to the economy. As such, all eyes will soon be turning to the safeguards the financial sector is putting in place to help protect the online identities of customers.
Arguably then, now is the time to invest in a robust identity verification system that will not only provide the advanced technology needed to automate the process, but that can help train and upskill inhouse teams to truly deliver an embedded and hybrid approach to identity verification at a time when it is of paramount importance.
ZeroBounce COO Brian Minick Talks Email Marketing and Deliverability
For a channel that’s been deemed “dead” by some, email marketing is doing more than well. You can expect an average return of $42 for every dollar you invest. But what does it take to achieve such a high performance?
In this exclusive interview, ZeroBounce Chief Operating Officer Brian Minick breaks down the main ingredients of successful email campaigns. With more than 10 years of experience in Operations, Minick and his team are currently helping thousands of email senders across the world land in the inbox. Let’s see what he has to say about improving inbox placement, engagement, and email marketing ROI.
What are the biggest changes you’ve seen in email marketing this year?
So many facets of the economy and the world have slowed down drastically or even stalled completely, but one thing showing no sign of stopping is email marketing. Email marketing is doing better than ever, but there are also new challenges that go along with this year.
Email engagement has gone up 200 percent since the pandemic hit. With everything being pushed online, it makes sense that businesses and people are heavily relying on email.
However, that’s not to say email marketing hasn’t suffered in other ways. There has been a massive increase in what we refer to in the industry as “churn.” Many were laid off or placed on leave. With their email addresses removed or abandoned, this has resulted in a rapid decline in email list quality.
Those bouncing emails lead to lost opportunities if companies don’t validate their lists regularly. Especially for the B2B sector, taking measures to restore email hygiene is paramount during these months.
How has ZeroBounce adapted to these changes to stay relevant in the market?
For starters, we can easily help senders identify the bad email addresses once they get turned off. It’s important for many reasons, and one is to make sure you’re reaching real people.
Apart from that, we recognized our customers needed more tools to make their email marketing successful. So, this year, we launched three deliverability tools: a mail server tester, blacklist monitoring and an inbox placement tester. They all help marketers detect potential issues before they send, so they can increase their chances of landing in the inbox.
It’s a crazy time for all businesses and as the needs change, ZeroBounce likes to stay one step ahead.
From your experience talking to customers, what are the main challenges they have? How do they overcome them?
Most of them have old databases that need cleaning. They may have an email list that has been dormant or neglected, and it causes bounces and spam complaints.
Sending newsletters or promotions to an outdated list is not a good idea. It jeopardizes the deliverability of emails to every person on the list, even the valid contacts. We help them get rid of the bad, ineffective and fake email addresses. Thus they can communicate more efficiently, boost their brand awareness, and increase ROI.
So many things go into creating a successful email campaign. What would you say are the most important ones?
It’s so important to have a list made up of people who double opted in because you know they want to be there. Just as important is making sure all of your email addresses have been verified. These things ensure the greatest chance of arriving in the inbox.
But showing up, and doing so consistently, is only one part of it. You also need great subject lines. Your subject line is the first thing people see and it has a dramatic impact on your open rates.
Finally, well-written, relatable copy and a great call-to-action can push you across the finish line.
What type of content do you think brands should send out during these difficult months?
It’s a tough time for so many. Brands have had to adapt their messaging and tone of voice, and those that didn’t have seen a decrease in engagement. People are less likely to respond to hard sell pitches right now. So, they key is to create content that shows genuine empathy – whether that content is for email, social media or other channels you use.
Keep in mind that everyone has felt these months, and some more than others. Show you’re there for people in a meaningful way.
Please give us one “trick” anyone can use in their email marketing today and see immediate results.
Come up with two great options and then use A/B testing. Go with the one that works better!
What can you imagine in the future of email?
With email growing in every way, and all indications showing no sign of slowing down, I see it getting even harder to land in the inbox. And if and when you do, every one of your emails will be competing with so many others.
Marketers are constantly refining their tactics and fine-tuning personalization to deliver the most relevant content, to the right person, at the right time. The competition will be even more intense, and that’s a good thing: it forces us all to get better.
What would you say to those struggling to keep their businesses afloat right now?
Email marketing costs you very little, but has a great ROI. Keep on pushing and sooner or later you will find success. It is one of the most affordable ways to get in front of millions of people. If you aren’t using email to its fullest potential, don’t think about the time that has passed. Think of all the opportunities ahead of you.
It’s not too late. In fact, in many ways, it’s just starting.
Dealing with the loneliness crisis with assistive technology
By Karen Dolva, CEO and Co-Founder of NoIsolation Humans are social beings, and for most children, school will be their...
Round Table Feature – Attracting FDI at times of crisis
In recent years the growth of Northern Ireland’s financial services sector has been fuelled by an unbeatable combination of world-class...
UK versus Australia – data regulation on both sides of the world
By Guy Hanson, VP, Customer Engagement, Validity While consumer data privacy continues to be a hotly debated topic and many...
COVID-19 is changing people’s preferences when it comes to BTL investments
By Jamie Johnson, CEO of FJP Investment Throughout 2020, investors have had to navigate increasingly treacherous and volatile market conditions...
Three things to help fintech unicorns grow profitability
By Kash Amini, CEO and Founder of MasLife The new breed of fintech companies is missing a trick with a...
How banks can take on Google in the race for AI talent
By Nicola Sullivan, solutions director at candidate engagement tech firm Meet & Engage The events of 2020 have made the...
Furlough Fraud: genuine mistake or cheating the system?
As the furlough scheme comes to an end, many employers will be at risk of falling foul of its stringent...
Five features that decrease the value of your home
When you’re preparing to sell your house or flat you might think of various steps you could take that might...
Regulatory overlaps cause conflicts, confusion and complexity: is collaboration the answer?
By Rob Fulcher, Head of Business – Americas, CUBE Global Regulatory overlaps are an ongoing, perplexing and often time-consuming anomaly....
Shifting Priorities in the Age of Digital Transformation
Creating the analytics-driven enterprise with a “strategic enterprise intelligence system” By Dennison DeGregor, Vice President of Analytics, Trianz In the...