Connect with us

Finance

CISOs IN FINANCE: HOW TO LEAD THE PRIVACY STRATEGY

Sophie Chase-Borthwick, Director of Data Ethics and Privacy, Calligo

 

Privacy is essentially just a data security problem, right? Surely, the requirement to act more responsibly with personal and sensitive data equates to protecting it better, encrypting it and preventing hacks and leaks?

 

Many financial businesses assume exactly this, and that data privacy, whether GDPR or California’s new CCPA, is merely an IT security problem. However, it goes far wider than that.

 

For the chief information security officers (CISOs) that have been assigned responsibility for privacy within their organisation, it can often be seen as an unenviable task. Few boards and and executive teams understand the detail of what is required for GDPR adherence or Privacy by Design to assign enough or the right resource to the task.

 

In fact, we regularly hear stories from financial services organisations of all sizes about shoddy approaches to data privacy, especially GDPR, with some assuming that just because they have a data security function, adherence is a given.


However, as an experienced CISO, you will understand that privacy is not as simple as ring-fencing your data. You will appreciate that because GDPR in particular requires the responsible management and use of data, just as much as its responsible protection, that a privacy strategy needs involvement from every part of a financial organisation, including marketing, HR, sales etc.

 

But many businesses did not think like this. Or more accurately, many CISOs were fully aware of the extent of the task, but were not given the time or resource to address it appropriately. Many were forced to focus on the parts they could fix the fastest and the easiest, predominantly technology and data protection, leaving major gaps in processes and people – the two other equally-important pills of adherence.  

 

Others were bending over backwards to cover the basics of the new requirements, but saw their wider security strategies either derailed or delayed in the process, leaving many financial businesses more susceptible to security breaches than they were before. These are real scenarios that we have seen time and again amongst our clients.

 

So, how is it possible to balance data privacy with wider security strategy? Many argued when GDPR came into force that it represented a huge opportunity for those in CISO roles to change the perception of their input and value to a business; from simple data protection to instead safeguarding data across its entire lifecycle.

 

But how can you put this into practice? How can a CISO build the strategy that achieves the immediate data privacy goal, while enhancing – not weakening – wider data security initiatives, and their own standing?

 

Assess your business holistically

There are eight domains that require addressing for a successful privacy strategy: governance and accountability; risk management; security management; third party management; incident management; personal information management; rights of data subjects; and finally, understanding the scope of your organisation as it pertains to the relevant legislation.

The most obvious observation for many CISOs will be that many of these areas are outside their traditional scope. However, they all need equal attention and they are all unavoidably part of the project they are leading. The trick is to not let yourself focus on only the more easily-addressed “home turf” security areas, nor be drawn by the business too far into the non-security areas.

Ask for help

For some, this will be one of the hardest steps – either personally or politically – but it is essential. As mentioned above, there are eight areas that need addressing equally. This means that assistance from experts across the wider business is vital. No one expects a CISO to be well-versed in the legal rights of data subjects, or in how to build a perfect Privacy Policy, but you will need to recruit support from the internal subject matter experts who are, then act as the intermediary between them all, and lead from the front.

Perform a GAP analysis

Before you can even think about aligning your organisation to a privacy strategy, you must identify your baseline and areas of improvement. What are the minimum requirements within each of the eight areas for your business to be in line with the legislation facing you? And, what constitutes particularly robust observance? Finally, where on this spectrum are you aiming for and how does that compare to your current state?  

Present your action plan

The GAP analysis will have provided you with a starting point and a series of non-conformances to address. The next step is to prioritise the remedial tasks required and plan how they will be executed. It is however imperative to demonstrate that the plan is tied to, but not wholly based on, the security strategy. Sales, marketing, HR, IT etc. must all understand that they have equal parts to play, and be equal in their accountability.


Secure wider resource

The final part of the process is to identify the most suitable individuals to assist. This controlled delegation maintains the CISO’s position as the lead on the project, ensures good project management and execution, while also safeguarding the security team’s resources.

 

It’s clear that a privacy strategy is an organisation-wide initiative and encompasses all areas of technology, people and processes. It requires far more than building higher walls around your data, or simply gaining renewed consent from customers. However, it’s important to remember that this will not be widely understood, and given it is commonplace post-GDPR for CISOs to be handed responsibility for privacy, you will need to take the initiative on a whole host of procedures and processes that span your entire enterprise – and may not be within your comfort zone.

However, get it right and you will engender more trust from within your customer base – an important commercial outcome that you can take no small amount of credit for.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Finance

2021 FINANCE SPEND PREDICTIONS

by Andrew Foster, VP Consulting EMEA, AppZen

 

As we enter a new year filled with ongoing change and uncertainty, a few things are still clear. Though digital transformation has long been a familiar story told across the finance sector, businesses are recognising the need to adopt new technologies as a matter of urgency. As a result, 2021 will see a huge shift towards embracing technologies that transform finance procedures.

Anant Kale, Co-Founder and CEO, AppZen, shares his finance predictions for 2021:

 

The year of accelerated digital transformation

The current pandemic forced companies of all sizes, across nearly every industry, to virtualise their workforce, almost overnight. But in the coming year, finance leaders will be turning their attention to wider digitalisation efforts.

Kale explains, “Last year, the focus was on how to quickly keep up with changing business needs, with CIOs focusing on business continuity in a remote work environment—conferencing and collaboration tools, network upgrades, and so on. As we finally caught our breath, this next year will bring even deeper transformation. Rethinking and reimagining business processes in an AI-first world will keep enterprises agile, efficient, compliant and allow them to scale without relying on adding huge headcounts, which will be critical to the bottom line.”

Andrew Foster

Consequently, more CFOs will be driving the push for AI-powered programmes to be implemented into finance operations to accelerate digital transformation, streamlining operations across the entire enterprise and ensuring business resilience.

 

Expanding digital transformation – beyond the basics

Over the past year, the drive to enable remote working across the whole organisation has meant the deployment of a wide variety of technologies. Yet, most of these solutions are not in areas that directly increase the finance department’s efficiency. This year, finance leaders will be prioritising two specific functions that are prime for disruption and enhancement – AI-based invoice processing and expense auditing.

“Increasingly, AP invoice processing decisions will be made in the autonomous zone, where intelligent systems can independently make decisions that don’t require human second guessing or manual review,” said Kale. “With autonomous AP, systems that are capable of evaluating all aspects of invoice entry, matching, accounting approvals and even risk and compliance, AP teams will be able to move from operations to more strategic AP concerns.”

AppZen’s recent survey of top CFOs and finance executives confirms the need for deeper transformation in 2021. Currently, 59 per cent respondents report they still haven’t automated ingestion and extraction of data from invoices. Unsurprisingly then, a notable 43.5 per cent of organisations still take seven or more days on average to process an invoice. Organisations with more proficient automated processes only take 2.9 days to process an invoice on average — a considerable difference that supports the need for increased automation and AI uptake among modern finance teams.

 

Adapting for expenses in the 2021 work-world

CFOs will need to budget for different types of business expenses in light of the new environment. With an evolving workforce that includes remote, on-site and hybrid workers, they need to rethink their strategies and plan scenarios in ways they’ve never had to do before.

To this point, Kale comments, “Business travel will come back in some form later this year, but more importantly, the nature of expenses that have traditionally been associated with travel and entertainment (T&E) will change. Instituting routine audits and implementing clear expense policies will be critical to avoid fraud and abuse or unreliable financial data, which cost businesses nearly $3B dollars a year—and that was before the pandemic.”

As the spend environment becomes more complex, spend visibility is more vital now than ever. Finance leaders need to have the right tools in place to identify these new types of expenses – such as the number of video conferencing licences acquired, home office equipment, and productivity software – and properly assess spend priorities.

Flexibility is also crucial. In a rapidly-evolving environment, a one-size-fits-all policy isn’t up to standard. “How enterprises create and allocate budgets has been completely disrupted and what worked in the past won’t work in 2021,” declares Kale. “We’ve gone from a relatively certain, predictable way of carrying out business operations to a time where only the unpredictable seems certain, which requires agility, speed, and scale to ensure longevity and continuity.”

 

Conclusion

Despite challenging times, finance leaders are showing optimism for 2021. This year will require adaptability in the face of evolving global economic conditions in order to meet not only wider company needs, but those of employees as well. Embracing new technologies will continue to transform operations across every level of an organisation and enable business leaders to drive both productivity and profitability despite the uncertainty ahead.

 

Continue Reading

Finance

THE LOYALTY-TRUST PARADOX AT THE HEART OF FINANCIAL SERVICES AND HOW TO OVERCOME IT

By Andrew Warren, Head of Banking & Financial Services, UK&I at Cognizant

 

There has long been a paradox at the heart of the financial sector – customer loyalty remains high despite overall trust in the banking system being very low. In any other sector, low trust would lead customers looking for services elsewhere. Generally, however, the major banks have been able to retain their clients despite, rather than because of, trust.

This customer loyalty does not always pay, with research suggesting consumers could be overpaying by £2.9bn in areas such as mobile, broadband, home insurance, as well as, notably, mortgages and savings. Whether the result of customer lethargy, lack of awareness of the possible cost savings or low expectations of the service banks provide, this has encouraged complacency in the banking sector.

This could, however, change as our post-pandemic reality begins to bite. People may have used the extra time from the lack of a commute to do some research and shop around for better alternatives, as well as harbouring frustrations over a perceived lack of support in recent months. Coupled with the possibility of a period of negative interest rates, we could soon be heading towards a perfect storm, where both retail giants and small local businesses start to question the value their banks actually provide.

 

Digital native challengers are shifting the landscape

One viable reason for the supposed loyalty consumers have towards the major banks has been the lack of real alternatives. With all of the traditional high street institutions offering services that were largely interchangeable, switching services seemed more effort than was really worth it when perceived benefits were so minimal. However, this changed with the arrival in recent years of challenger banks such as Monzo, Starling and Revolut, which continue to grow in popularity due to ease of use and better customer experience from sign-up through to their intuitive apps.

The primary advantage of the big banks is their liquidity, historical reputations and longstanding customer base. However, the agility and user-friendliness of the challengers is shifting the landscape, and the continued reliance on legacy systems leaves the traditional players struggling to surpass, or in most cases match, the innovative services and products fintechs are able to bring to the market.

 

Customer expectations setting a new standard

As personalisation and smooth technological integration in other sectors, such as retail, raises expectations of similar offerings across all service industries, this could soon become a key battleground for banks.

With the challengers currently looking better equipped to respond to these consumer needs, here are some of the steps banks can take to modernise their offerings and retain customers’ loyalty:

  • Embracing human science – the financial sector has long favoured data science in its behavioural analysis. Almost anyone can understand basic data; it is how semiotic algorithms can be used alongside this that will reveal real insights that can be used simply to help understand people better, their fears, their hopes and their aspirations.
  • Adapting to modern trends – the lockdown has, by necessity, modified and in some cases accelerated, many of the established habits of both individuals and businesses. These range from an increased adoption of cashless payments, to remote working, the propensity for saving vs investing, attitudes towards fraud and risk appetite, and loyalty. As a result, some customer journeys, which had become the cornerstone of banks’ or lenders’ strategies, will now need to be adapted. For example, products, pricing and customer treatment strategies will need to be updated, and the entire value-chain of customer touchpoints should be digitally enabled. Financial institutions will now need to ensure speed and quality of their response to this change.
  • Using innovation to level the playing field – the systemic advantage the big banks have over more agile challengers is in liquidity access. It is an advantage that potentially will be scrutinised in the COVID-19 enquiries we can expect to see in the near future, particularly around the provision of the various governmental support schemes and loans for which these big banks initially had responsibility. As that advantage then reduces, the need for real innovation grows. This means building business models and deploying technology that can deliver value and differentiation. For example, the major banks have more channels than their digital-only counterparts and, therefore, more data to draw on. The result is a better focus on customer journeys, with modern cloud-based data management platforms central to this. The quantity and detail of data can play in banks’ favour, allowing constant ongoing improvements to customer communications and simplifying self-service options in an increasingly remote world. It is important that banks continue to ensure they are thinking outside the box and keeping pace with other industries that are innovating in their response to the pandemic.
  • Personalising the process – technology is already helping to speed up processes and improve self-service banking operations, particularly with predictive and smart decision-making through AI and ML. The advanced use of chatbots is an example, along with increasing tailored content and interfaces in apps and on digital platforms. However, the end goal is personalisation across the whole customer journey, not only through technology but also call centre operatives who still form a critical role in trouble shooting and need an up to date view of the customer in order to be able to do their job. Technology can also help analyse how these human interactions can then become more personalised.

The major banks retain a crucial position in UK society for the support and confidence they offer their customers. However, as in so many other sectors, the coronavirus pandemic could come to be seen as a watershed moment in their evolution. With the challengers continuing to gain momentum, banks certainly cannot afford to stand still. It is the ability to have a data- and technology-driven approach, as outlined here, that can help them retain their dominance and justify customer loyalty now lockdown is beginning to lift. Should they fail to do so, we may find ourselves in a very different landscape than we do today. By focusing on the steps above, banks will start to level out the playing field.

 

Continue Reading

Magazine

Trending

Finance3 days ago

2021 FINANCE SPEND PREDICTIONS

by Andrew Foster, VP Consulting EMEA, AppZen   As we enter a new year filled with ongoing change and uncertainty,...

Business3 days ago

FIVE PITFALLS PROFESSIONAL SERVICES MUST OVERCOME DURING THE PANDEMIC

By Andy Campbell, global solution evangelist at FinancialForce   The pandemic’s impact on the global economy has, and is continuing...

Business3 days ago

HOW FINANCE TEAMS CAN UTILISE MODERN TECHNOLOGIES TO PREDICT AND MITIGATE RISK

Carol Lee, CFO of Wrike   There is no denying that the finance function plays an important role in every...

Finance3 days ago

THE LOYALTY-TRUST PARADOX AT THE HEART OF FINANCIAL SERVICES AND HOW TO OVERCOME IT

By Andrew Warren, Head of Banking & Financial Services, UK&I at Cognizant   There has long been a paradox at...

News3 days ago

ACCELERATION OF DIGITAL TRANSFORMATION PUSHING ORGANISATIONS TOWARDS A MORE DATA-DRIVEN APPROACH

84% of businesses have seen more demand for data due to Covid-19, but nearly a third say data quality remains...

Finance3 days ago

WE NEED MORE CRYPTO COMPANIES TO IPO TO INCREASE DIGITAL ASSET SCRUTINY AND ADOPTION

Stephen Ehrlich, Co-Founder and CEO at Voyager Digital   As a publicly listed digital asset trading business, the recent announcement...

News5 days ago

SUSTAINABLE DERIVATIVES: THE “GIVING TREE”

Jennifer Kafcas, Lauren Blaber, Alvino Van Schalkwyk and Harry Polan   Momentum continues to gather pace towards building a sustainable...

Finance5 days ago

THE POTENTIAL OF PaaS IN FINANCIAL INSTITUTION INNOVATION

By Barry Tarrant, Director, Product Solutions, Fiserv   Financial institutions continually balance competing demands for investment in technology maintenance, compliance,...

Business5 days ago

TAPPING INTO THE RIGHT MINDS

David Holden-White, co-founder and managing director, techspert.io   The world is awash with information. Analyst house IDC estimated that more...

Top 105 days ago

FINANCE DERIVATIVE 2021 TRENDS – NUAPAY

By Brian Hanrahan, CCO, Sentenial, parent company of Nuapay   The past year has accelerated payments trends that already existed,...

Finance5 days ago

FINANCE PREDICTIONS FOR 2021

By Dr Vic Arulchandran, CPO at Nivaura   The year 2020 saw many technology trends accelerated due to the global...

Business5 days ago

A NEW VISION FOR GRANT MANAGEMENT REQUIRES FAMILIAR IT

Jack Perschke, Partner at Netcompany   At its very heart, the business of government is mostly about either taking in money...

Business1 week ago

RETAILERS NEED TO DELIVER BETTER REWARDS TO ENSURE CUSTOMER LOYALTY

62% feel retailers need to improve the ways they reward consumers for shopping with them 55% believe that loyalty programmes...

Banking1 week ago

OPEN BANKING: THE UNSUNG HERO OF THE PAYMENTS REVOLUTION

By Mike Peplow, CEO at Paynetics UK   It’s been more than three years since the introduction of open banking...

Business1 week ago

DATA MANAGEMENT: HOW TO KEEP YOUR PAYROLL INFORMATION HUSH-HUSH

Shubham Joshi is an experienced content marketer at FactoHR Why, at the time of recruitment, candidates are told not to...

News1 week ago

AURIGA AND ACI WORLDWIDE PARTNER TO LAUNCH NEXT-GENERATION ATM ACQUIRING AND SELF-SERVICE BANKING PLATFORM

New platform improves omni-channel experience for consumers, including self-service channel integration with mobile and internet banking   Auriga, market leader...

Business1 week ago

THESE TOP 5 INTERACTIVE SKILLS WILL ENSURE WE’LL BECOME BETTER COMMUNICATORS IN 2021

Last year was one like no other and is certainly one that the majority of us will be keen to...

Business1 week ago

BENEFITS OF MOBILE HEALTHCARE APPS FOR CONSUMERS

By Sandy van Dijl, branch manager at Alexander Forbes Health   The healthcare industry is at the forefront of the mobile revolution Using mobile applications...

Wealth Management1 week ago

FROM EFFICIENCY TO NEW INVESTMENTS – WHY BLOCKCHAIN IS MORE THAN MEETS THE EYE

Thomas Borrel, chief product officer at Polymath   Blockchain has been an extremely hot topic in 2021. With companies and...

Banking1 week ago

UNDERSTANDING THE CYBERSECURITY CHALLENGES FACED BY NEOBANKS

Narendra Sahoo, Founder and Director of VISTA InfoSec   Introduction In recent years we have witnessed a major drift in...

Trending