Connect with us

Finance

RISK-BASED VULNERABILITY MANAGEMENT IS A MUST FOR FINANCIAL SERVICES

By Stephen Roostan, VP EMEA at Kenna Security

 

In comparison to other industries, financial institutions pay the highest price for cybercrime. According to a 2019 cybercrime report by Accenture, the average cost of cybercrime is $18.37 million per year globally and in the U.K specifically it is $11.46 million per year, an increase of 31% from the previous year.

IT and security teams are under constant pressure to safeguard their organisations from potential cyberattacks – continuously checking for and remediating any vulnerabilities that have the potential to leave the company exposed. This mammoth task usually comprises the management of all vulnerability data sources in an organisation’s IT environment covering network infrastructure, hardware, applications, containers and IoT. In large enterprises this can easily amount to 80,000 assets and applications, including laptops, servers, routers, internet-connected printers and websites, that together, could potentially contain around 40 million vulnerabilities. However, the reality is that only around 2% to 5% of all these vulnerabilities represent a legitimate threat to the organisation’s IT environment.

Until now, organisations have typically had to utilise a ‘divide and conquer’ approach to prioritising which vulnerabilities to patch. Using a mix of labour-intensive spreadsheets, home-grown solutions, and traditional vulnerability scoring to determine how best to deploy precious resources and address those vulnerabilities assessed as most likely to compromise enterprise security, or put regulatory compliance at risk.

However, the rise of risk-based vulnerability management (RBVM) is changing the rules of the game. Making it much easier for organisations to dramatically improve their security stance by identifying – and remediating – the small subset of vulnerabilities that are most prone to exploitation by cyber attackers. What’s clear is that financial institutions really need to consider risk-based vulnerability management, especially as they get hit by 25.6% of all malware attacks.

 

RVBM – a revolutionary approach

As many organisations have discovered, basic free tools like the Common Vulnerability Scoring System (CVSS) have significant limitations that make it difficult to cope with the sheer volume of vulnerabilities that are now part and parcel of today’s cyber landscape.

According to 451 Research, organisations using CVSS v3 that have 2 million vulnerabilities could find that 660,000 of these are classified as critical. Without any understanding of the exact relative risk these vulnerabilities pose to an individual organisation, prioritising which to address first requires some significant heavy lifting by security analysts to determine where remediation needs to be focused first.

In other words, they need to apply some clever thinking to evaluate all 660,000 of the vulnerabilities identified by the CVSS scan to profile the specific risk each one poses to the organisation by determining how sensitive each vulnerable asset is; if the asset is exposed externally; and if there is a known exploit code associated with that vulnerability.

By contrast, today’s RBVM platforms make it much easier and faster for security and IT teams to assess and identify which vulnerabilities pose a real threat – based on the specific risk to their own IT environment.

 

Going beyond CVSS – taking risk-based vulnerability management to a new level

Today’s highly adaptive RBVM platforms make it possible for enterprises to apply data-driven metrics to evaluate their specific exposure to potential risk factors, sorting the ‘wheat from the chaff’ to rapidly prioritise remediation actions.

Utilising predictive data science modelling and real-time threat intelligence feeds, RBVM platforms enable security teams to gauge exactly how critical any new threat is to the organisation’s real-world specific environment. Unlike CVSS tools that blanket-score high volumes of vulnerabilities as ‘high risk’, RBVM solutions provide the evidence-based guidance intelligence teams need to identify only those most critical vulnerabilities that represent a true risk to the enterprise stack.

As digital models and new ways of working proliferate, vulnerability and threat management are fast moving up the enterprise agenda. Because, as organisations have found, digital transformation spawns ever greater infrastructure complexity that makes keeping track of assets and prioritising remediation workloads an almost impossible task. RBVM provides an answer to effectively managing environments based on vulnerability risk management principles that allow IT and security teams to move away from an ‘everything at risk’ approach.

 

Evolving from basic tools – brings efficiency too 

The benefits of moving to an RBVM platform for IT and security organisations are significant. The ability to identify with confidence what to fix first – and what patches can be applied over time – represents a win-win for both teams. Eliminating the traditional frictions that can often exist between IT and security teams, everyone now understands what represents a priority and what does not – and why.

Security teams no longer have to generate extended patch lists for IT teams to complete, confident that they are taking the right actions to protect the enterprise. Meanwhile, IT teams know that they are now focused on a clearly defined set of cybersecurity concerns that can be remediated without adversely impacting application or web services availability.

As a result, organisations are at last able to unify how security and IT teams can work hand-in-glove across multiple business units. Because these teams are able to spend less time chasing ‘headline’ vulnerabilities that actually don’t pose a particular threat to their organisation, everyone is able to prioritise remediating those vulnerabilities that actually represent the greatest risk. Once teams stop playing catch up, as far as cyberthreats are concerned, they are able to leverage their new-found efficiencies to focus instead on other strategic projects.

Finally, alongside enabling improved collaboration between security and IT teams, today’s advanced RBVM solutions also enable these teams to clearly communicate to senior board members and governance exactly how they are lowering risk for the organisation as a whole – and supporting enhanced risk-intelligent decision-making going forward in the context of the enterprise and its IT infrastructure.

 

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Business

NAVIGATING SUDDEN DIGITAL ACCELERATION – HOW MERCHANTS CAN KEEP UP IN A NEW AGE OF PAYMENT INNOVATION

James Booth, VP Head of Partnerships, EMEA at PPRO

 

Recent months have brought momentous change for businesses across the globe. Needless to say, the pandemic has had a colossal impact on the retail sector in particular. For certain industries, the crisis has catapulted society further into the digital world; technology that was predicted to be adopted  over the coming years is now on track to be embraced in mere months.

However, local lockdowns for example in the UK continue to force shoppers away from brick-and-mortar stores and onto online platforms to purchase a range of goods. As a result, we are seeing new user groups embracing e-commerce and digital payment methods at a much faster rate than anyone ever thought possible. These new consumer habits are taking root and are likely to become preferences that persist long after the pandemic.

As we continue to hurtle into a new digital era, there’s an unprecedented urgency for merchants to be proactive – offering a range of new payment offerings. As digital payments increase, offering  preferred payment methods can unlock a whole new world of opportunities. The retailers seeing exponential growth are the ones who have tailored and localised their payments offering to a global audience.

 

The pandemic has propelled demand for Local Payment Methods

Today, consumers have an even greater desire and need for frictionless shopping experiences. Social distancing is facilitating the surge in e-commerce, increasing demand for digital payment methods over traditional cash and card payments.

Before the pandemic, the world was already on route to becoming a digital-first society. Some regions were ahead of others; for instance, from the PPRO Payment Almanac, 56% of online transactions in China were already conducted via e-wallets, compared to 25% in the UK. However, now we are seeing increased demand for these types of payments across the globe.

 

Catering for a new online customer

Whilst typically the global digital payment revolution had been led by Gen Z and Millennials, elderly consumers are set to drive the e-commerce market post-crisis. In fact, a recent study by Mintel revealed that 43% of those aged 65 and older have shopped more online since the start of the crisis. This is a stark contrast from back in May 2019 when just 16% of the same age group shopped online at least once a week.

Ongoing consumer needs for increased convenience and safety during the pandemic, have sparked a shift towards online shopping and away from brick-and-mortar. For example, groceries have seen a meteoric rise in online ordering; according to PPRO’s cross-border engine, online purchases of food and beverages are up 285% since the start of the pandemic.

With new curbside and buy online pick-up in store (BOPIS) programs, the typical cash and card payment methods will be harder to maintain. Now, merchants must offer e-commerce, and implement digital payment options at checkout. Recent data shows up to 80% of shoppers across Europe’s three largest markets (UK, Germany and France) will now make at least half of their purchases online.

We are also seeing the rise and popularity of pay-later apps like Klarna and Afterpay (Branded ClearPay in the UK) to help offer relief from the economic impacts of the virus. Just last month, Klarna was crowned one of Europe’s biggest private owned financial technology providers – with nine million consumers in Britain having used the service, and 90 million users worldwide.

Shoppers need flexible payment options. For merchants, extending many different payment options that cater to different consumer groups can provide diversification and enable growth.

 

Get ahead, or get left behind

This sudden digital acceleration puts merchants at a crucial crossroads. Embracing new innovations in payment methods has the power to open brands up to a wealth of new customers, whilst satisfying the changing needs of their existing customer pool. On the other hand, failure to offer a variety of digital payment methods can severely limit brands – therefore impacting future growth and success.

As businesses continue to navigate the ongoing ramifications of the pandemic, merchants will eventually face a digital arms race to create the best possible online experience. Those who understand this and make the checkout experience a top priority will succeed, and those who stick to their guns will be left behind. The failure to meet customer preferences during the payment process means many customers will abandon baskets at the very last hurdle. In fact, a study by PPRO 44% of UK shoppers abandon a purchase if their favorite payment method isn’t available.

While recent events have put huge strain on both global economies and consumers, it has also birthed a new age of payment innovation. New offerings such as the rise of Facebook owned, WhatsApp payment features or PayPal and Venmo enabled QR code checkout are showcasing the acceleration of this trend. Financial technology is helping to keep humans connected and provide access to the goods and services they need. Digital adoption will only proliferate, so merchants must act now to get ahead of the curve.

 

Continue Reading

Finance

SUBSCRIPTIONS: THE NEXT BIG PAYMENT TREND

By Nick Raper, Head of UK at Nuapay

 

Ask the next person you speak to whether they’ve ever had a subscription to a business (the most common being a gym membership) that they forgot about, or just didn’t use, losing money as a result. Guaranteed, nine out of ten times, the answer you receive will be a ‘yes’.  This is often followed by a disgruntled anecdote about how the individual kept forgetting to cancel the direct debit, using the service for much longer than he or she intended to.  It proves just how sticky customers are when they are signed up to subscriptions – a trend that is rapidly increasing in the current environment.

Today, consumers are increasingly demanding ‘always on’ services that are fast, easy and can be personalised. With the COVID19 pandemic restricting consumers’ access to physical shops and driving almost all of them online, this expectation is growing the world over. Subscriptions provide a method of receiving services or products at a specified regularity and according to predefined preferences.

Subscriptions also allow businesses transitioning into the digital space to better monetise their services. Newspapers are a great example of this;  it isn’t practical to sell newspapers on a “one-off” basis online, so many publishers have transitioned to digital subscriber models. With many other businesses from fitness classes to online events providers, forced to find a viable virtual business model, subscriptions have become an attractive option. Indeed, research from Zuora has shown that throughout the first lockdown nearly 90% of subscription businesses maintained or grew memberships. And this trend shows no sign of slowing down.

Businesses looking to offer their customers the best service would do well to consider consumer subscriptions, enabled by recurring payments technology. Subscriptions can be used across a growing range of sectors, from traditional subscription users like gyms, and online entertainment and media services, to food and beverage retailers, health providers in dental and eyecare sectors, and even online matchmaking and dating services. Going forward, subscription payments are expected to grow further as Gartner predicts that by 2023, 75% of organisations selling direct to consumers will offer subscription services.

 

What’s the business benefit?

By employing recurring payments, businesses can attract more customers that are price driven. A £25 per month cost in return for something new each month, is often much easier to accept than a £300 lump sum for one product.

Another benefit of subscription models is the ability to drive increases in customer revenue through reduced attrition and the ability to upsell or cross-sell products and services.  One-off purchases with little or no product feedback, make it difficult to develop an understanding of consumer behaviours and preferences. By building an ongoing relationship with customers businesses can gain deeper insights which can be used to inform product alterations or even bring entirely new products to market.

Data from Nuapay shows the benefit of having members signed up on subscription services from the over 700 gyms serviced by Nuapay.  Of gyms that were forced to close their doors and stop collecting membership fees in April as a result of Covid, many saw a relatively quick return in their revenue over the summer.  By August, on average 83% of customers were back and paying their gym memberships again, despite continued restrictions in many European countries. Additionally, these gyms only saw a +0.9% increase in cancelled payments in August, compared to pre-Covid levels, suggesting no lasting impact on their attrition rate.

The additional beauty of subscription based business models is that, Covid aside, the stability of the customer base makes it easier to predict business revenues, enabling improved decision-making as strategic planning can be informed by revenue from ongoing recurring payments.

 

Partnering for success

Historically, implementing a subscription based business model has been difficult for organisations given the limits of collecting via recurring payments – this is particularly so for businesses at the small to medium end of the spectrum.

Today, improved digital payment infrastructure and new providers in the Account-2-Account payments space makes it possible to set up and process recurring payments quickly and easily. Payment providers are increasingly being integrated into a range of business software and payment solutions – large and small – to ensure they deliver the speed and exemplary experience demanded by consumers.

CyberSource, Visa’s global payment management platform, recently announced a partnership with Nuapay to take advantage of Nuapay’s Account-2-Account capabilities, and deliver additional payment solutions to its merchants client base. At the other end of the spectrum, specialist software platforms, such as gym management software Deciplus, can also integrate Account-2-Account solutions into its platform, providing an effortless Direct Debit experience for payers and merchants.

New payment innovations are now starting to transform historic Account-2-Account recurring solutions, which have been Direct Debit based till now. As an example, a merchant can now use Open Banking payments to improve the Direct Debit sign up process for payers, while also helping merchants reduce their failed payments, indemnity claims, and lost payments. Additionally, new recurring payment options known as Variable Recurring Payments (VRP) is said to be the next generation of Open Banking. Currently being tested in the FCA’s sandbox, this technology enables businesses to collect payments from a consumer up to an agreed maximum amount, subject to monthly limits. As it is based on Open Banking technology, VRP will be SCA compliant, providing a secure and convenient alternative to online card payments.

With an increasing number of subscription options now available, a good payment service provider will be able to provide businesses with access to and advice on the best options for them and their situation, whether that is Direct Debits, Standing Orders, or new integrated Open Banking solutions.

 

Subscribing to subscriptions

Subscriptions will only continue to grow in demand as consumers increasingly flock to online environments. Subscriptions were already growing in popularity even before the pandemic came along. 71% of adults internationally used at least one subscription service during 2019, and in Europe alone spent an average of €130 per month on subscriptions over the same period.

Covid has only accelerated this trend in some areas.  It is no surprise that video streaming services saw a massive increase in subscribers, with some providers seeing a 25% jump in subscriptions in March 2020 according to Nuapay data.

Players in other sectors also seem to be transitioning their business model during this time.  Food and nutrition suppliers who have been actively pushing subscriptions for regular deliveries have seen their subscriber base grow as much as 3 times higher than the start of the year in everything from seafood to coffee to vitamin deliveries.  Some home office suppliers who introduced subscriber models for items like printer ink, have seen growth in subscribers as high as 40% since January.  Even some travel businesses have managed to pivot their business to increase recurring sales by taking a more locally focused approach.

With the range of insight-led advantages for organisations evident, it would be an oversight for business leaders not to consider sharing their products and services via a subscription based model.

 

Continue Reading

Magazine

Trending

Technology6 hours ago

DATA DILEMMAS IMPACTING ESGS

Mario Mantrisi, Chief Strategy and Knowledge Officer, Kneip   It’s been well documented over the past few months that the...

Technology3 days ago

SIX PILLARS FOR A SUCCESSFUL CLOUD

by Giuseppe Paternò, IT Infrastructure Architect, Security Expert, and Cloud Solution Guru   COVID-19 pandemic is pushing many companies to...

News3 days ago

MARQETA CONTINUES EUROPEAN GROWTH, SIGNING THREE NEW DIGITAL BANKING CUSTOMERS

Marqeta is supporting the development and launch of three new digital banks across the UK and Europe   Marqeta, the...

Technology3 days ago

TECHNOLOGY IS OUR FIRST DEFENCE AGAINST MONEY LAUNDERING

Jesse Chenard, CEO of MonetaGo Fraud is an age-old problem that has plagued every industry since businesses began trading. It...

News3 days ago

STOCARD BUILDS ON SUCCESS AS IT EXPANDS STOCARD PAY TO FOUR MORE EUROPEAN COUNTRIES

Stocard, the leading European mobile wallet with over 50 million users, launches its payment functionality, Stocard Pay, in Germany, France,...

Business3 days ago

3 KEY DIGITAL MARKETING TRENDS FOR 2021

– Emma Digital marketing is an industry where the trends are changing on a daily basis, meaning those in the...

News3 days ago

SBER ANNOUNCES PARTICIPATION IN A PRIVATE EQUITY FUND

Sber in cooperation with a leading Middle East sovereign wealth fund announces its commitment as a cornerstone investor into an...

Wealth Management5 days ago

HOW INSURERS CAN KEEP UP WITH A NEW WAVE OF MILLENNIAL PET OWNERS

Chris Blatchly, Chief Digital Officer & Consulting Leader for Insurance, Cognizant   In the midst of COVID-19, puppies and kittens...

Banking5 days ago

ADVANTAGES OF OFFSHORE BANKS: WHAT THEY HAVE TO OFFER MILLENIALS

Contrary to popular belief, offshore banking isn’t just for the super-rich, nor is it illegal. In reality, and with professional...

Business5 days ago

A GUIDE TO LLC TAXES FOR SMALL BUSINESSES

By Tricia Joyce   Starting a small business can be an exciting, if sometimes stressful, journey. While finally being able...

Business5 days ago

NAVIGATING SUDDEN DIGITAL ACCELERATION – HOW MERCHANTS CAN KEEP UP IN A NEW AGE OF PAYMENT INNOVATION

James Booth, VP Head of Partnerships, EMEA at PPRO   Recent months have brought momentous change for businesses across the...

Banking6 days ago

CODAT PARTNERS WITH VISA TO GIVE EUROPEAN BANKS ACCESS TO SME FINANCIAL DATA

Codat – a London-based technology company that connects the internal systems of small businesses to banks, fintechs and other financial institutions,...

Banking6 days ago

DELOITTE STUDY: IS YOUR BANK READY FOR TOMORROW?

Banks in the Middle East and around the world have been racing to catch up with the ever-evolving technological trends...

News6 days ago

88% OF FINANCIAL SERVICES FIRMS IN THE UK ARE UNDER PRESSURE TO MAKE DECISIONS FASTER

79% of these organisations are not confident in their data literacy levels 72% of FSI firms agree shorter decision making...

News6 days ago

UNIONBANK BECOMES THE FIRST BANK FROM THE PHILIPPINES TO JOIN BIAN

UnionBank to collaborate with BIAN and its members to define the future of banking standards   Union Bank of the Philippines (UnionBank) is...

Wealth Management6 days ago

THE IMPACT OF RETIREMENT REFORM IN SOUTH AFRICA

Receiving the same tax treatment Changes to retirement benefits for provident fund members, initially meant to come in five years...

News6 days ago

NEW DIGITAL FIRST BANK – MONUMENT – ANNOUNCES ITS KEY TECHNOLOGY PROVIDERS

Monument selects Mambu, Salesforce, Amazon Web Services, Persistent Systems and Accenture as key providers for its technology build Monument is...

News7 days ago

UBER AND MARQETA ANNOUNCE GLOBAL CARD ISSUING PARTNERSHIP

Marqeta will serve as a global card issuing partner for Uber, providing them with critical financial infrastructure across key verticals. ...

Business7 days ago

LEADERSHIP FROM THE DIGITAL BOARDROOM

Gavin Fallon, General Manager, UK, Nordics & South Africa at Board International   Modern enterprises are highly complex organisations, operating...

Finance7 days ago

SUBSCRIPTIONS: THE NEXT BIG PAYMENT TREND

By Nick Raper, Head of UK at Nuapay   Ask the next person you speak to whether they’ve ever had...

Trending