Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites.
Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. For avoidance of any doubts and to make it easier, you may consider any links to external websites as sponsored links. Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.


Rob Lay, Customer Solutions Architect in UK & Ireland, Fujitsu

We live in a world that is characterised by innovation, and FinTech is the latest significant demonstration of this.  As with many areas of IT, businesses are looking for ways to make their business processes more efficient, more dynamic, less onerous from a management perspective, and fundamentally more profitable.  FinTech is a great example of this by enabling faster, more effective payments and financial transactions which carry a significantly lower administrative overhead. Thanks to automation, businesses are able to reduce overheads, deliver better customer service and therefore drive better profits and customer satisfaction levels.

But these advancements also carry risks.  The same businesses that benefit from the advances in technology – not just in FinTech but across IT – can also suffer should customer data get lost or payments get intercepted.  This is nothing new – FinTech has not introduced any new challenge – but it is another example of how a company must consider its broad risk portfolio when looking at new innovation.

With security rapidly becoming a non-discretionary spend item at board level, and the increasingly digital nature of business, companies need to ensure more than ever that they include security as a standard part of how their business functions.  This includes technical elements such as ensuring that security is included in the software development lifecycle, but also has to extend to the broader business.

Development of an information or cyber security strategy, and more importantly the alignment of this strategy with the broader business goals is key to ensuring its inclusion and that it has the appropriate support from stakeholders.  However, few businesses will have unlimited security budgets, and equally will be wanting to prioritise spend on innovations that will help drive the business forward such as FinTech. So the challenge remains – how can businesses develop an approach that allows them to apply appropriate levels of investment in the correct places to enable the business to deliver against its goals whilst remaining secure?

A risk based approach is the best route to take as it allows the business to determine their risk appetite, based on their business strategy, market conditions, and the competitive market place.  This allows businesses to remain agile, changing their risk appetite as necessary and ensuring that they are able to mitigate their risks accordingly.  More importantly, businesses should strive to understand the threat landscape that they specifically face. The sheer volume of threats that exist today means that trying to protect from everything is a route to failure.  By working with partners and drawing on sources of threat intelligence, companies can develop a view of the threat landscape which is relevant not only to their sector, but to their business.  The result is the ability to accurately target security focus and investment, ensuring that the company is able to mitigate those threats that pose it the most significant risk.

One of the most important aspects of the risk based approach, is to develop an ongoing risk management process that allows businesses to ensure that they are able to manage and understand their risk on an ongoing basis.  Whilst a risk assessment is a key part of this, it only provides a point in time view of the risks that the business faces. Risks change and develop over time and it is important that businesses are able to understand these changes and ensure that the mitigation for those risks is reviewed and changed as appropriate.

Companies should also remain cognisant that whilst they can maintain a risk based approach to securing their business, they should also remain ready to respond in the event of a breach or incident.  Many companies do not have sufficient mature incident response processes in place to ensure that small and potentially insignificant incidents do not end up becoming major issues.   Businesses should look to develop, mature and practice incident response processes to ensure that all the relevant staff and business areas understand their roles.  This will help businesses respond quickly and efficiently to issues and incidents when they occur.

In general, businesses should always look to embrace new technologies, ways of working and automation capabilities, however this has to be done in a way that aligns with the businesses’ strategy and the threat profile that it faces.  Once these are understood, informed business decisions can be taken that allow companies to remain competitive and in control despite an ever changing threat landscape.