Finance

CISOs IN FINANCE: HOW TO LEAD THE PRIVACY STRATEGY

Sophie Chase-Borthwick, Director of Data Ethics and Privacy, Calligo

 

Privacy is essentially just a data security problem, right? Surely, the requirement to act more responsibly with personal and sensitive data equates to protecting it better, encrypting it and preventing hacks and leaks?

 

Many financial businesses assume exactly this, and that data privacy, whether GDPR or California’s new CCPA, is merely an IT security problem. However, it goes far wider than that.

 

For the chief information security officers (CISOs) that have been assigned responsibility for privacy within their organisation, it can often be seen as an unenviable task. Few boards and executive teams understand the detail of what is required for GDPR adherence or Privacy by Design well enough to assign enough, or the right, resource to the task.

 

In fact, we regularly hear stories from financial services organisations of all sizes about shoddy approaches to data privacy, especially GDPR, with some assuming that just because they have a data security function, adherence is a given.


However, as an experienced CISO, you will understand that privacy is not as simple as ring-fencing your data. You will appreciate that, because GDPR in particular requires the responsible management and use of data just as much as its responsible protection, a privacy strategy needs involvement from every part of a financial organisation, including marketing, HR, sales etc.

 

But many businesses did not think like this. Or more accurately, many CISOs were fully aware of the extent of the task, but were not given the time or resource to address it appropriately. Many were forced to focus on the parts they could fix the fastest and the easiest, predominantly technology and data protection, leaving major gaps in processes and people – the two other equally important pillars of adherence.

 

Others were bending over backwards to cover the basics of the new requirements, but saw their wider security strategies either derailed or delayed in the process, leaving many financial businesses more susceptible to security breaches than they were before. These are real scenarios that we have seen time and again amongst our clients.

 

So, how is it possible to balance data privacy with wider security strategy? Many argued when GDPR came into force that it represented a huge opportunity for those in CISO roles to change the perception of their input and value to a business; from simple data protection to instead safeguarding data across its entire lifecycle.

 

But how can you put this into practice? How can a CISO build the strategy that achieves the immediate data privacy goal, while enhancing – not weakening – wider data security initiatives, and their own standing?

 

Assess your business holistically

There are eight domains that require addressing for a successful privacy strategy: governance and accountability; risk management; security management; third party management; incident management; personal information management; rights of data subjects; and finally, understanding the scope of your organisation as it pertains to the relevant legislation.

The most obvious observation for many CISOs will be that many of these areas are outside their traditional scope. However, they all need equal attention and they are all unavoidably part of the project they are leading. The trick is to not let yourself focus on only the more easily-addressed “home turf” security areas, nor be drawn by the business too far into the non-security areas.

Ask for help

For some, this will be one of the hardest steps – either personally or politically – but it is essential. As mentioned above, there are eight areas that need addressing equally. This means that assistance from experts across the wider business is vital. No one expects a CISO to be well-versed in the legal rights of data subjects, or in how to build a perfect Privacy Policy, but you will need to recruit support from the internal subject matter experts who are, then act as the intermediary between them all, and lead from the front.

Perform a GAP analysis

Before you can even think about aligning your organisation to a privacy strategy, you must identify your baseline and areas of improvement. What are the minimum requirements within each of the eight areas for your business to be in line with the legislation facing you? And, what constitutes particularly robust observance? Finally, where on this spectrum are you aiming for and how does that compare to your current state?  

Present your action plan

The GAP analysis will have provided you with a starting point and a series of non-conformances to address. The next step is to prioritise the remedial tasks required and plan how they will be executed. It is however imperative to demonstrate that the plan is tied to, but not wholly based on, the security strategy. Sales, marketing, HR, IT etc. must all understand that they have equal parts to play, and be equal in their accountability.


Secure wider resource

The final part of the process is to identify the most suitable individuals to assist. This controlled delegation maintains the CISO’s position as the lead on the project, ensures good project management and execution, while also safeguarding the security team’s resources.

 

It’s clear that a privacy strategy is an organisation-wide initiative and encompasses all areas of technology, people and processes. It requires far more than building higher walls around your data, or simply gaining renewed consent from customers. However, it’s important to remember that this will not be widely understood, and given it is commonplace post-GDPR for CISOs to be handed responsibility for privacy, you will need to take the initiative on a whole host of procedures and processes that span your entire enterprise – and may not be within your comfort zone.

However, get it right and you will engender more trust from within your customer base – an important commercial outcome that you can take no small amount of credit for.

WILL BLOCKCHAIN REVOLUTIONIZE FINANCE?

By Ken Timsit, ConsenSys

 

Over the last 10 years, researchers, software developers, start-ups, and large companies have been conducting experiments aimed at determining whether networks based on blockchain technology can ultimately – in whole or in part – replace the infrastructure on which financial institutions and capital markets are built.

 

In today’s electronic databases, any information can theoretically be replicated at will. This is why most governments allow only regulated actors to keep records of digitized assets (banks, depositories), to avoid pitfalls such as the execution of misleading transactions or the creation of artificial assets. With blockchain, these pitfalls can be avoided at the source code of the technology, which is available to all members of the network. The creation of Ethereum enabled a more robust blockchain network capable of “smart contracts”, which once programmed, can run automatically without the results being modified or manipulated.

 

Contrary to what some critics argue, the potential of the blockchain is not the creation of a free and unregulated space in which everyone can invent new financial instruments. Rather, the potential lies in creating a much more efficient and globalized commercial and financial infrastructure, in which many layers of control and intermediation are no longer needed as they are replaced by transparent and immutable IT rules that ensure the same risk management functions.

 

For example, bonds are essential financial instruments on which a large part of our economy and savings are based. The issue and exchange of a bond requires the intervention of several dozen financial institutions (issuers, intermediaries and investors). Some regulated players in this intermediary chain exist mainly to ensure that it is possible to know, at any time, who holds each bond, in order to guarantee their rights to its bearers.

 

It is theoretically possible to simplify these stacks of operators by linking them to a global blockchain network, open to all stakeholders in the industry. The blockchain network can thus ensure at any time that the number of outstanding bonds corresponds exactly to the number of bonds issued, and that each exchange transaction is carried out without the risk of default.

 

The blockchain revolution is first and foremost the reduction of costs and delays caused by the current financial infrastructure. The blockchain revolution also creates innovation opportunities for consumers, savers, and investors.

 

 

The Web3 revolution, often used to refer to the blockchain revolution, will be driven by the reduction in transaction costs, allowing the emergence of new peer-to-peer business models that we are not yet able to accurately predict, but which will probably participate in a rebalancing of the relationships between financial institutions and their clients. Some international peer-to-peer payment and loan-to-peer savings investment models are already attracting increasing interest from the most sophisticated consumers.

 

Where are we in 2020?

Today, the blockchain revolution is still in its infancy. Transaction volumes through blockchain networks, public and private, are low compared to those of existing systems. The fixed costs of the technology are still relatively high, and the user experience leaves something to be desired.

 

However, innovations abound. It is already possible for me, from my smartphone, to buy digital assets whose value is equal to about one US dollar, and to lend them in three clicks to other users who will pay me between 1% and 10% per year for this service, depending on the type of platform.

 

The number of large operational business projects is still small, but very promising. Numerous international commodity trading players have joined forces to create Vakt and komgo, two platforms that contribute to a significant simplification of trade and oil financing. Similar and competing projects, Voltron and Marco Polo, are being launched. On the corporate side, the Capbridge 1x platform (Singapore) already allows shares to be traded on an Ethereum blockchain network. Other important projects such as LiquidShare (France), SIX Digital Exchange (Switzerland), Daura (with Deutsche Borse and Swisscom in Switzerland), Synapse (Hong Kong Stock Exchange) are in preparation. The World Bank, Société Générale and Santander have issued bonds on an Ethereum blockchain network. These initiatives are still experimental but have attracted significant interest from financial institutions around the world.

 

And of course, many projects aim to revolutionize global payments by creating digital assets on blockchain networks that are fixed in Euros, U.S. Dollars or other currencies, such as those of the Monetary Authority of Singapore, the South African Reserve Bank, and Union Bank of the Philippines. Since the announcement of the Facebook-initiated Libra project, many governments have expressed concern about the possibility of private companies controlling global payment flows, and have asked their domestic financial institutions to redouble their efforts to explore competing initiatives.

 

All of this is to say that adoption is happening, albeit gradually. The middlemen and intermediaries of the financial world will not be replaced overnight. Moreover, the exact formation or architecture of the new financial system is impossible to predict with accuracy. However, it’s safe to say that blockchain will enable a financial system that is more efficient and yields more value-add to consumers, users, and investors.

 

RECOLLECTING 2019 CRYPTOCURRENCY TRENDS & LOOKING FORWARD TO 2020

Marie Tatibouet is the CMO at Gate.io

 

It has been a bold and progressive year for the digital asset market with exciting announcements flowing in from technology behemoths and government bodies around the world. However, Facebook’s launch announcement of Libra (though they are now facing regulatory issues) and China’s new cryptocurrency law caught all the attention, affecting the Bitcoin price, and the overall market sentiment.

In 2019, the global market saw several catalysts emerging for mainstream adoption despite increased scrutiny around several burning issues such as wash trading and security breaches. For over 400 cryptocurrency exchanges in the world, being able to constantly improve on aspects around user experience and fund security is the only way to be sustainable. However, only a handful have real trading volume and technical expertise to build strong trust in the community. For instance, global wash trading has been the hottest topic of discussion in 2019 but new rankings on CoinMarketCap clearly indicate that the industry is working towards eliminating market manipulation.

 

Looking back at 2019

In 2019, digital asset organisations have constantly innovated to attract users but, at the same time, the trading process has become increasingly fragmented, lengthening the time it takes for new users to become long-term users.

 

Holding & Lending Funds

Since 2014, the Bitcoin margin trading market has expanded from $10 million to $100 billion. Margin trading has been a great use case in the cryptocurrency space. Many exchanges launched the feature to provide diversity to the trading experience and attract a huge number of users to their platforms. It allows traders to multiply their profits on successful trades, providing a range of possibilities for both profits and losses.

Staking is a process where users can buy digital assets and earn interest by keeping (holding) them in a cryptocurrency wallet for a particular period of time. It has proved to be a strong use case for digital asset companies as it encourages user participation. In 2019, staking programs brought stable earnings for cryptocurrency investments made by the users. For instance, HODL & Earn launched by Gate.io in August 2019 has been bringing stable earnings for cryptocurrency investments made by its users. The competitive advantage for HODL & Earn is its annual interest rate, which is as high as 32%.

 

IEO

Crowdfunding as an approach to build and grow products has seen a lot of traction over the last decade or so. One of the highlights this year was the emergence of “Initial Exchange Offerings”, more commonly termed IEOs, an alternative to traditional IPOs where companies can raise funds by selling a quantity of digital assets to investors, supervised by cryptocurrency exchanges. With over 1.5 Billion funds raised, IEOs shook the entire cryptocurrency space in 2019.

Owing to the richness and variability that we have seen so far, there has been no one clear winner to pick, but there’s also no ignoring the leaders; Gate.io has the second best average IEO returns, raising over 80 million dollars in its first 5 projects, and has similar offerings planned for 2020.

 

Source: https://medium.com/@neironix.io/top-8-largest-ieo-whats-happening-to-them-now-f7e60a638dda

 

Deals and Discounts 

Discount deals are being increasingly leveraged by digital asset companies, encouraging users to maximize their capital. Holiday seasons such as Black Friday are packed with jaw-dropping discounts. However, as an industry, we should aim to integrate discounts in digital currencies into the mainstream world, which would bring price stability.

 

Dynamic User Relationship

Cryptocurrencies are being taken seriously and companies are designing consumer-specific strategies. It is a great indication of the fact that more and more people are interested in trading digital assets. However, we have a long way to go when it comes to tackling the industry challenges and unlocking value for the entire ecosystem.

 

Regulation, Security, and Mass Adoption 

Central banks of the US, Europe, China, and Ghana are looking at creating their own central bank digital currencies, putting a structure to the adoption of blockchain technology across finance and other industry verticals. Japan’s recent regulation amendments and China’s new crypto law have laid the right frameworks for mainstream crypto adoption.

While we have major countries pushing for mainstream adoption, security remains a major concern. Cryptocurrency thefts and frauds in Q3, 2019 annual stand at USD 4.4 billion and this will only increase if fund safety mechanisms aren’t strengthened. Therefore, the strongest will survive as far as digital asset security is concerned.

Nonetheless, blockchain technology is helping to create an innovative and accessible financial system around the world and its mainstream adoption is closer than we can fathom.

 
