Adam Vincent, CEO, ThreatConnect
Financial companies are increasingly turning to advanced technology to bolster their key services. Automated fund management is becoming a daily reality for many retail investors as advanced financial technology becomes miniaturised – companies like Nutmeg have built their business model on mobile-based automatic investment.
Even for larger, more traditional investment houses, essential market and risk analysis is shifting towards digital – as machine learning becomes more advanced, software is increasingly able to perform critical judgements that were previously the preserve of humans.
With that shift comes a heavy reliance on technology in frontline business as well as back-end processes. As such, the security of these applications is paramount. Banks and other financial institutions need to ensure they have full visibility of their systems and are able to detect potential threats to their customer-facing systems. A compromised investment app could lead to serious losses and, if the firm in question is influential enough, have a significant impact on wider markets.
Security’s weight problem
To add to that problem, the cyber security that guards those banks is often huge, unwieldy and poorly linked up. For decades, the young cybersecurity market has been about specialism: laser-focus companies designing highly-adapted solutions to solve a particular problem – malware, say, or phishing – as well as possible. That’s all well and good in the sense that each platform does the best job for its users, but over time it’s led to a highly expensive and unwieldy situation for buyers and security analysts who have to assemble a defence from multiple vendors.
Think of it this way: imagine you need a new car. But instead of going to the local dealership and buying a shiny Ford, you have to ring up the door manufacturer and ask them to bring you four doors. Then you call the seat company, and they deliver five seats. The engine makers, the boot shapers, the hubcap painters. All of them craft a quality product, but you’re left with an enormous bill and you still have to put the thing together and make sure it actually works.
That’s essentially the problem facing large banks in the current culture. They purchase a firewall, an email filter, a threat intelligence database, an antivirus software, and whatever else they need, and each of them does a great job – but overall, they’re a burden to run. They don’t talk to each other, and each has its own dashboard. Security analysts have to spend hours sifting through alerts to find the truly crucial issues, and valuable time is lost tending to individual systems.
That’s the CISO’s problem. But for the CEO, there’s a bigger issue – running multiple security systems is expensive. Really expensive. The more systems you have, the more highly-skilled staff you need, and they’re few and far between. Where cybersecurity used to be a classic back-office concern, like air conditioning or heating, it’s now a central part of strategy and a key pillar of both reputation and customer retention – financial legislation leaves no room for failure. Above all, though, at present, it’s a cost centre.
Send an algorithm to do a human’s job
So how do financial institutions maintain the benefits of digitisation whilst reducing the weight of security? In a word: orchestration. As cybersecurity has grown and developed, so has computer automation. Companies can now link their key systems together under a single automated management tool (often referred to as a security orchestration, automation and response or SOAR platform) to reduce the weight on their staff. Orchestrating your security landscape essentially means integrating systems so that their alerts and data flows are monitored by the SOAR, which then automatically resolves low-level alerts and flags up high-priority issues that need human review.
The upshot of that is that security resources can then be spent more profitably on strategic initiatives like system reviews and regulatory compliance. The CISO is happy because their security systems are preventing attacks and the team is more available for new projects, and the CEO is happy because costs can be streamlined by removing unnecessary admin tasks and slimming down software spend.
More importantly, an effectively orchestrated security system can be easily amended to accommodate new elements of the organisation’s digital landscape – meaning that financial organisations are freed up to innovate in the age of PSD2 and open banking without fear that every new application will come with a six-figure security cost.
Digital banking is the future – there’s no question about that. But financial organisations will have to change the way they approach security system management if they’re to keep up with and support innovation. Orchestration is one way to lighten the load – without compromising on quality.