Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Technology

Why outsourcing is a great option to help fintechs overcome their cybersecurity challenges

d - Global Banking | Finance

By Mark Nicholls, CTO at Redscan, A Kroll Business

In the last decade, financial services giants have lost ground to start-ups with digital and cloud-first business models. The Bank of England estimates that billions of pounds are invested into fintechs ever year, and that more than a third of the globe’s digitally active population regularly use fintech services. 

Unfortunately for them, fintechs are not only garnering positive attention from consumers, but also catching the eye of cybercriminals. The volume and value of data, as well as the intellectual property (IP), held by fintechs has made them an extremely attractive target for criminals. 

Since the reputational impact of a data breach in this competitive sector can be so costly, hardening defences must be a top priority for all fintechs. For many, this will mean outsourcing sections of their security to a specialist provider of managed services.

a1 - Global Banking | Finance

Mark Nicholls, CTO at Redscan

The challenges                                                                      

There are several common cyber security challenges within fintechs. Some are widely accepted as part of being a rapid growth company, others are specific to the nature of fintechs. However, they all need to be recognised and addressed: 

  • Fast product development leaves gaps in security: In a crowded market, being first to market can be vital to success. As such, fintech product development is often extremely fast, especially when creating applications, platforms and portals. Despite using the latest cutting-edge technologies in their development methodologies, security misconfigurations are common, and vulnerabilities often slip through gaps whilst speed is prioritised.
  • Rapid growth in data and infrastructure can become unmanageable: Many fintechs can appear to go mainstream almost overnight, gaining huge traction with consumers very quickly. With the rapid onboarding of customers, high-growth fintechs suddenly have a massively expanded footprint and are faced with the task of protecting more data and assets. As a result, the attack surface that cybercriminals are able to target also grows.
  • Slow hiring processes leave skills gaps: Amid all this fast growth and development, fintechs must recruit, but the hiring process can be slow, and budget simply might not extend to recruiting large teams of dedicated security professionals, particularly in the early phases of growth. This often leaves fintechs with skills gaps in their cybersecurity function as the customer onboarding outstrips the speed at which they can recruit security pros.
  • Compliance: FCA, PRS, PSD2, GDPR, PCI, DSS – more than just acronyms, but vital legislations and standards to protect assets and data. Companies, both large and small, have the same compliance challenges, but fintechs often have to navigate this minefield without the resources and knowledge that more established players have.
  • Detecting and responding to threats: Unifying visibility over a huge range of infrastructure can be very difficult for fintechs as they grow, meaning that breaches may go unnoticed, especially if they don’t have the resources or staff to carry out 24/7 monitoring. Even if monitoring is in place, the large volume of security alerts that are generated can lead to alert fatigue, in which case many threats can simply slip through the net.

Why outsourcing is the answer 

Fintechs must overcome all these hurdles to remain safe and compliant but doing so can be overwhelming. This is why outsourcing some security functions can be beneficial. 

Bringing in a trusted third party can really help to ease the cybersecurity burden on fintechs, particularly for the fastest-growing companies. Of course, each security provider has its own area of expertise, so choosing one based on your own individual needs is important. Good providers will have the field experience, technical knowledge, 24/7 support capabilities, and tools that can be onboarded much faster than new hires. They will also have a better awareness of the security landscape and the latest threats affecting financial companies, as they have oversight across multiple organisations and the ability to apply actions at scale to numerous customers when they spot suspicious activity. 

A fintech may have very little expertise in detection and response to security threats – which is crucial, since a faster response invariably results in less damage. Many young fintechs would be advised to outsource this function as they focus their resources on growing their business. They then might need help penetration testing their app and platform against the latest security threats before taking it to market. As it matures, a fintech will require more proactive threat hunting and a thorough evaluation of their systems, or perhaps some guidance on the latest compliance updates. A good cyber security service provider should be able to deliver all of these services, and truly partner with a fintech to become an extension of the in-house security team. 

Although fintechs are often considered to have a leg up on more traditional financial institutions on issues like cybersecurity, there are still plenty of challenges for fintechs to overcome. In my experience, bringing in a trusted third party in the most urgent areas to supplement their own cybersecurity team can really help fintechs to alleviate some of the security pressures they face.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post