

By Altaz Valani, Director of Insights Research at Security Compass

The financial services industry is forecasted to be worth $300bn by 2022, but despite this, fintech companies still face important decisions when it comes to their digital transformation plans.

Between ever increasing customer expectations and the requirement to comply with changes in the regulatory landscape, fintechs are under increasing pressure to ensure innovation is properly and securely implemented.

For a financial services firm, a large-scale data breach or an exposed software vulnerability could see operations paused and substantial penalty fines issued by regulators. However, the impact of such a scenario goes beyond the financial, with damage to brand reputation also a significant factor.

From biometric authentication and Robotic Process Automation (RPA) to Artificial Intelligence (AI), the ever-increasing adoption of new technology within the financial services industry is only increasing the volume of customer data at potential risk.

Threats from the inside and outside

Managing this risk carries both internal and external challenges for fintechs. Internally, the main areas of concern typically centre on ensuring the team has the required cyber skills, knowledge and expertise; externally, keeping up to speed with regulation is just as demanding.

This means that balancing a desire for innovation and growth with robust security and risk management processes is absolutely vital for fintechs. Just as the nature and variety of cyber threats continue to grow and change, every new digital service and product carries an ever-evolving range of security risks.

Managing the cloud

Due to the perceived value of the information held, the financial services industry has traditionally been one of the main sectors targeted for data breaches. Consequently, many financial services organisations have focused their IT infrastructure on the cloud as a solution.

However, cloud migration actually increases the attack surface of applications, which is why the need to meet security and compliance requirements cannot be overlooked when deploying new apps directly in the cloud or developing automation-as-a-service or analytics-as-a-service capabilities.

Aligning security and digital delivery strategically is therefore one of the most complex challenges facing financial service businesses. As a result, many are turning their attention to Balanced Development Automation (BDA) as a solution.

Aligning security with DevOps – BDA

In order to try and ensure a competitive edge in the long term, fintechs must create synergies between their business, security, and DevOps teams. This is where BDA can play a vital role because it aligns DevOps with security, ensuring the latter is ‘baked’ into the software development process.

BDA acts as a guide through every step of the software development process, ensuring security checks are built in from the beginning, ultimately enabling DevOps teams to deliver secure products. This is essentially a three-step process:

1) Security should equip the development team with awareness of what is required from a security controls perspective, and likewise for risk and compliance. Developers need to know from inception what these parameters are and factor them into their work from the start.

2) The second stage is examination of security metrics based on existing controls and emerging risks. The end result of this might be creating new controls, but they have to be developed with an understanding of impact based on cost and business exposure. It is ultimately a business decision to determine the right risk threshold.

3) The third and last stage of the BDA process sits with governance at an audit and board level. Metrics collected from the first two stages are rolled into this and KPIs measured at this level are based on core business concerns around areas including compliance, resilience, reputation and cost.

These three stages equip fintechs with a BDA programme that is aligned with business objectives while constructing appropriate guardrails that govern the execution and delivery of the software. With this alignment, DevOps and security teams can execute development in a balanced way while managing risk.

Matching innovation with security

The success or failure of fintechs today can often depend on how they are able to balance the adoption of new technologies with maintaining the privacy of their customers and the security of their customers’ data.

This is a delicate balance that requires action from the outset to identify and address risks. By building security into applications from the very beginning of the software development lifecycle, financial services companies will be able to align security, compliance and risk priorities with the overall business goals.
