Finance

Balancing performance and security: The next-gen digital threats to the financial sector

Published

3 months ago

December 22, 2022

admin

By Martin Mackay, CRO at Versa Networks

Financial organisations continue to rapidly innovate their digital capabilities, in order to facilitate the growing customer demand for secure, fast, and accessible financial services. Whilst extensive cloud usage and increased digital interactions have helped businesses to accommodate such consumer needs, it has also created more concerning security risks.

We asked Martin Mackay, CRO at Versa Networks, about the biggest risks facing the financial sector today, and how security leaders can find an effective solution to these challenges without sacrificing their business performance and efficiency.

What are the biggest security risks facing financial organisations when they use digital platforms?

Over the past decade, financial firms have experienced a digital transformation revolution. If we look at the banking industry alone, its operations and service offerings have completely shifted to the cloud. Today there are several major banks that exist without a physical branch, because all their operations, services, and interactions are facilitated over the cloud.

To enable this mass-scale digital transformation, firms are having to utilise Internet of Things (IoT) technology, and extend their network connectivity to external endpoints, such as smart payment terminals, ATMs, point-of-sale (POS) devices and more.

Martin Mackay

While IoT has tremendously improved the outreach and accessibility of financial services, it has also rapidly expanded the external digital footprint of such firms. As all of these externally connected devices and systems are positioned outside of the internal network, they often remain unmonitored and unmanaged. This is where threat actors thrive. Attackers today can leverage automated tools to identify exposed devices connected to financial networks, exploit their vulnerabilities or weak policies, and laterally move into the main enterprise network.

The financial services industry has indeed levelled up its cybersecurity strategy in the past few years. Financial organisations are currently spending nearly 11% of their IT budgets on cybersecurity, which is significantly higher than other vulnerable industries such as healthcare and manufacturing. However, a lot of this progress has been focused on building internal network defences. What some firms might not realise is that a lot of the critical security risks today come from the external digital landscape.

These risks are continuously increasing as organisations are constantly extending their IoT and third-party connectivity. With so many endpoints and hyperconnected systems positioned outside of the core network, any small vulnerabilities such as unpatched devices and unmonitored traffic can lead to a crippling security breach.

How has the cyber threat landscape evolved with the introduction of 5G?

The evolution of new and advanced technologies has been a blessing for any business, especially in the financial services industry. Operational performance in terms of accessibility, efficiency, and functionality have improved due to the adoption of 5G and the new technologies it supports. However, to a larger extent, these new technologies have also made life a lot easier for threat actors.

Specifically, the rapid adoption of 5G has elevated the IoT risks for organisations. According to recent research, 79% of businesses across twelve industries think that 5G has created significant risks for their networks in terms of the number of externally connected devices, increased service access, and supply chain integrity.

The reliable and high-speed connectivity features of this next-gen technology are allowing firms to increase their IoT functionality and establish more seamless interconnection between smart devices and cloud systems. These benefits are also the Achilles’ heel of 5G, as attackers can exploit the real-time connectivity functions to compromise several interconnected assets in much less time. Using this extended attack surface, threat actors can carry out exploitation attacks such as DDoS (Distributed Denial of Service), remote code execution, SQL injection, and zero-day exploits more easily through a single external point of compromise.

Has the recent shift in workforce practices elevated these risks for financial firms?

It’s not just the new technologies, but also the prevalence of new ways of working that is changing the cyber threat landscape. Take remote working for example. Nearly 69% of Financial Services firms are allowing their staff to work remotely at least once a week. The number was less than 30% before COVID. This big shift in work culture means that a large part of an organisation’s workforce is constantly being positioned outside of the secure internal network.

They are often using their personal devices powered by unmonitored public or private broadband, to externally connect to the enterprise network and access critical assets. This again leads to an extended and unmonitored attack surface – where threat actors can exploit the vulnerabilities in the remote user endpoints, escalate access privileges, and carry out sophisticated attacks.

There has also been a massive change in how organisations store and access their critical resources. The succession of rapid cloud migration is allowing companies to shift network resources that were traditionally delivered in hardware to software. It means more and more data is no longer being stored centrally, which gives attackers more chances to intercept it.

How can financial companies secure themselves without sacrificing their performance and digital mobility?

With the adoption of these new technologies, new ways of working, and extended digital transformation, security risks will always be there. However, financial firms need to achieve greater insight of these risks and balance them out using the right security measures.

Secure Access Service Edge or SASE provides a compelling solution to these challenges. It is an effective framework for building your network architecture in a way that converges multiple network management and security functions into a single service that can be delivered entirely through the cloud.

SASE aims to converge security with network performance, so that critical tasks like traffic monitoring and access control can be performed more easily without impacting network speed. This unified method also eliminates the need for data to pass through several VNFs (virtual network functions), which improves connectivity and decreases latency.

Overall, SASE enables granular security control across the entire network infrastructure, while also driving business performance through optimised user experience. Integrating SASE solutions allow financial firms to manage all network and security functions through a single management console. This enables secure, scalable, and reliable enterprise networking; while also ensuring security, segmentation, and visibility across all interconnected assets within the IT estate. Armed with these scalable and advanced capabilities, financial firms can enhance their multi-cloud application performance securely, while significantly reducing network management and operational costs.

Up Next

What’s in store for the payments industry in 2023?

Don't Miss

Integrating messaging apps into business operations- how enterprises can gain from employees’ personal, private communications channels and yet remain resilient

Finance

Efficient Ways Construction Firms Can Bring Down Costs In 2023

Published

23 hours ago

March 30, 2023

admin

Consistent, high-quality construction projects being underway is often a sign of a thriving economy. The future of the US is assured when new infrastructure and homes are under constant development.

As has been well-documented already, construction isn’t as productive as it could be in the US today. Numerous factors are causing these types of projects to be stalled and subsequent price hikes to occur. Economic and sector-wide conditions could be far better.

That said, it’s important for construction firms to feel like they have some say in their future. While things aren’t ideal, there’s plenty these entities can be doing that can bring down costs for the remainder of the year.

We’re a good way into 2023 now, but bringing down costs is not work that can be postponed to 2024. So, here are some efficient ways construction firms can do just that in 2023.

Review Fleet Logistics

It might seem like a curious place to start, but it’s a good idea to review how you utilize your fleet if you have one. The operational costs can sometimes be underestimated, and mismanagement in this area can be more costly today for firms in any sector.

Some companies bring their fleet management costs down by optimizing the routes they travel. Others will run tighter maintenance programs to avoid damaging repair costs in future. Some firms will rent out their vehicles, too, rather than purchasing them outright. Drivers may be subject to refresher training courses, ensuring they adhere to their employer’s money-saving policies.

Then there’s the matter of going green, which more companies are turning their attention to. For example, PepsiCo Vice President, Mike O’Connell, stated at the end of last year that, despite hefty costs around the infrastructural changes, his company believed that “the operating costs over time will pay back” to make the arrangement worthwhile in the long run. That sentiment applies to construction firms as well.

There’s also fleet management software to consider. These digital tools can be encrypted on a cloud server and give all users insights into things like fuel usage, the condition of the cars, and the routes travelled. More intricate oversights can be gleaned from fleet usage, and associated costs can be tallied up instantly. Consequently, construction firms would do well to get that installed.

Install Management Software for Construction

Sticking with software ideas for a while longer, construction management software can come with an onslaught of cost-saving advantages for a construction firm. It’s a principle similar to fleet management software in that more detailed real-time analytics can lead to strategy adjustments.

Cost change management can be streamlined with the use of these tools. Project team communication can also be simplified, which leads to time and money being saved all the more. There’s often a modern and intuitive AI to make these systems operational in days, too, which means construction firms can quickly adapt.

Firms like Kahua are often the obvious choice for these solutions. Their cloud-based project management software in construction has been fine-tuned to be tailored perfectly to a firm’s needs. A flexible approach can be undertaken when utilizing it, and firms can be confident that both their present and future business processes can be more carefully managed.

Create Stronger Supplier Links

Suppliers are the lifeblood of any construction business. It’s possible to work more closely with them.

At the end of 2022, Forbes reported that inflation and supply chain disruptions made getting the necessary construction materials more costly and time and consuming today. Their recommended solutions included rather expected budget control measures, but more notably, fostering stronger supplier relations. That way, construction firms can better understand the factors leading to surging material costs.

It may also be better for construction firms to work with local suppliers where possible. That way, they have a better chance of establishing common ground, supporting the local economy and perhaps having more mutual connections in the industry. Delivery costs can also be slashed along with emissions, which are factors that also contribute to a more robust working relationship.

Outsource Where Possible

Construction firms can depend on more than their suppliers to bring costs down. Further help is available.

Such support is usually accessed via outsourcing. Opportunities to do this may involve:

Outsourcing waste management – some of these firms may pay closer attention to the potential of recycling and reusing materials, creating further cost savings.
Outsourcing IT infrastructure – Construction firms have sensitive data they need to protect like any other company and are becoming more digitized like their peers too.
Outsourcing to off-site construction firms – These entities will design and assemble building components away from the area they’ll be used. They’re often pitted against onsite firms, but both can be required for large-scale development projects.

Outsourcing can reduce costs in the long run, but it isn’t an answer to every struggle. Construction firms must continue doing many things for themselves – even monitoring the weather to ensure potential storms won’t cause hazardous work conditions or delays. That self-starter spirit that often drives construction firms should never be lost.

Banking

Top banking trends of 2023 and global outlook of banking and fintech for the year ahead

Published

3 days ago

March 28, 2023

editorial

Author: Professor Marco Mongiello, Pro Vice-Chancellor, The University of Law Business School

You’d be forgiven for assuming that the global outlook for banking and fintech will be dominated by the usual suspects:

Artificial Intelligence – AI plays an increasingly prominent role in banking and fintech by enabling personalised services, fraud detection, predictive analytics, use of chatbots and robo-advisors.

Blockchain and Cryptocurrency – the secure, decentralised and swift system for financial transactions that blockchain has brought to the fore a few years ago, is now becoming ubiquitous. An increasing number of transactions are recorded through blockchains technology, primarily in the cryptocurrency market.

Digital Banking and fintech – accelerated by COVID-19 pandemic, the adoption of digital banking is a trend that will persist as customers have become accustomed to the convenience and efficiency of digital banking. Moreover, fintech enables access to financial services for previously underserved populations in developing countries or less affluent social groups in more affluent societies. This includes mobile banking services, peer-to-peer lending platforms, and microfinance solutions.

Open Banking – another global trend is the use of open APIs (Application Programming Interfaces) that allow third-party developers to build apps to facilitate customers’ access to financial data and services from banks.

Nonetheless, the challenges posed by these rapid changes are reminders that banking, an industry that by its very nature needs to be conservative, risk averse and solid, wobbles on the unchartered grounds of fast and turbulent innovation, where entrepreneurship instead thrives. The underlying rationales of banking and fast digital innovation are not incompatible but do need solid operations and thought-through decision-making to avoid causing catastrophic collapses.

The recent examples of Silicon Valley Bank, Silvergate, FTX and Wirecard are stark reminders that digital entrepreneurship applied to banking doesn’t just bring to customers the visible transformation of valuable new services, but also dents (perhaps as an unexpected consequence) the rationale itself of the role of banks in the global economy. Moreover, the central banks’ ability to contain the effects of single banks’ defaults is no longer a certainty, as experienced just over a decade ago and more recently. The markets’ sentiments are hardly reassured by the commitments of even the most coveted players, such as the European Central Bank, the Federal Reserve, and the President of the United States himself.

Regulators are lagging behind and their attempts to catch up may cause further seismic shocks to the global banking system. For example, another trend that is emerging is one of artificial intelligence decision-centres (i.e., decentralised offices of banks which take autonomous decisions on behalf of investors) outside the most stringent regulatory environments, enabling banks to operate globally more efficiently and more competitively. And we can expect that regulators will close the gap either abruptly, as it is currently happening in China, where private banks are subject to an escalation of regulatory and monitoring restrictions, or more gradually as it is happening in Europe and in the US.

The questions we face, as individual or trade customers of our high street banks, as direct investors or clients of managed funds, are whether banking will become more user-friendly yet, for our daily use but riskier, too, or is it simply becoming more efficient, transparent and also safer.

I’m afraid that the answer is by no means an obvious one. Therefore, caution, level-headed decision- making and critical thinking have never been as important as these days. Whether you are looking after your family savings or growing your pension reserve, the imperative is that you keep updated about the providers of the financial services you rely upon as well as about the general regulations that apply to your financial transactions. This is where, for example, you need to be familiar with your rights in case of cyber fraud, as well as learning how to minimise the risk of becoming a victim thereof. Also, taking additional steps to evaluate the credibility, solidity and reliability of the online provider of that app that was recommended by a trusted friend, may prove a very good move.

Similarly, whether you are the CFO of a medium or large company, or are a sole trader wrestling with your own business’s finances, you need to reflect on what you really want from your bank in the first place. That is before you started to be swayed by the whirlpool of offers of ‘opportunities’ to multiply your financial investments. Chances are that your initial approach to your bank was dictated by either a need for financing your working capital, as per your budget and strategic plans, or to find a safe place for your temporarily idle liquidity. Perhaps you were also after some basic treasury services such as swift payments and debt collection. Maybe some other financial services closely related to your business operations, e.g. factoring. The advice is to give very careful consideration to services that are more remote from your business, because the trend for the next years is that more and more of those will be offered to you. But many new services will disappoint those who, sadly, cannot afford financial mishaps as they look to run and grow their business.