Connect with us

Finance

HOW FINANCIAL SERVICES CAN ACHIEVE ZERO TRUST

Published

on

By Ian Jennings, Managing Director, BlueFort Security

 

Financial data is one of the most prized targets for cyber criminals.  This makes any organisation collecting, processing and storing financial data on any scale a target for attackers.  Even relatively simple attacks – as in the case of the distributed denial of service (DDoS) attack against the New Zealand stock exchange – can take operations down completely.  However, for large financial services firms the threat against this data is growing larger, more complex and increasingly sophisticated by the day.

The cyber threat landscape has changed dramatically over the course of the pandemic and many UK financial services firms have felt the squeeze.  A recent report from the Ponemon Institute commissioned by Keeper Security revealed the majority of organisations in the UK financial sector suffered cyber-attacks in 2020 – driven primarily by attackers targeting employees working remotely.  Security leaders in these organisations fear the worst – 41% are concerned remote workers are putting their organisation at risk of suffering a significant data breach.

 

Thinking strategically with Zero Trust

There’s no doubt the massive shift to remote work has created new vulnerabilities for criminals to exploit, but IT security teams do have a strategy available that will help counter these exploits: Zero Trust.

A Zero Trust strategy works by limiting privileges and access for users and devices until their identity and legitimacy can be verified first – even if they are already on the network.  Rather than assuming trust for anything that has successfully logged onto the network, a Zero Trust strategy verifies and re-verifies users and devices each time they attempt to access different parts of the network.

A well-implemented Zero Trust strategy offers a layer (or, in reality, multiple layers) of additional security against many types of attack.  Brian Kime, Senior Analyst at Forrester, recently pointed out the importance of looking at Zero Trust in response to the ransomware attack on the US Colonial Pipeline.  Discussing the fragility of most IT systems in the face of these attacks, Kime explains that – despite myths – a Zero Trust strategy is neither costly nor complex to deploy.

 

The net result of remote working

Security concerns around remote working in the UK financial sector are well-founded, given the speed at which nearly all organisations in the sector were required to deploy a remote workforce and the pressure IT teams were under to maintain operations.  Recent Trend Micro research revealed that remote workers often engage in more risky behaviour at home than when they’re at the office.  Combine this with a surge in COVID-19 phishing emails and a swathe of shared or unsecured personal devices and you have a perfect storm of risk.

The net result today for many UK financial organisations is a huge concern for malware-infected endpoint and IoT devices, insecure network access and compromised credentials leading to identity-based attacks.  Indeed, the 2020 Zero Trust Endpoint and IoT Security report from Pulse Secure – which explored how enterprises are advancing Zero Trust endpoint and IoT security capabilities within their individual organisation – found that 72% of organisations experienced an increase to significant increase in endpoint and IoT security due to workforce mobility and remote workplace flexibility.

 

It’s all about the data

A Zero Trust approach allows an organisation to defend itself against identity-based attacks.  In its simplest form, it acts as a layered security approach that assumes an attacker will breach the corporate network.  Instead of prevention, a Zero Trust architecture acts as a guardian against lateral movement once an attacker is inside the corporate network.  When deploying a visibility and access control strategy like Zero Trust, financial services organisations should consider three key building blocks:

  1. Validation – of users and their devices’ security posture
  2. Control – of access through granular policy enforcement
  3. Protecting and encrypting data transactions

In the new mobile world of work – with many employees working remotely – it is crucial that IT security teams focus on the data.  Data moves with endpoints and this makes them attractive targets for cyberattacks.  Security policy, therefore, must move with users and data and should not be tied to a particular location.  Just as endpoint security products secure and collect data on the activity that occurs on endpoints, network security products do the same for networks.  To effectively combat advanced threats, both need to work together.  An integrated approach that combines endpoint and network security is the only way to achieve end-to-end protection across your entire security architecture.

 

And finally: get your users on board

User experience can often fall far down the priority list when it comes to IT security, but it should be seen as a crucial factor in long-term security posture.  A Zero Trust strategy should incorporate a positive user experience while it enforces policy compliance across employees, guests and third-party users – regardless of location, device type, or device ownership.  Users enjoy greater productivity and the freedom to work anywhere without sacrificing access to authorised network resources and applications.

A Zero Trust strategy may seem like an unachievable goal, but it isn’t.  Fundamentally, it’s about achieving a state of continuous verification and authentication throughout the network, with centralised policy enforcement and a seamless experience for users.  This ensures any device – whether that’s a company-issued laptop, an employee’s personal tablet or a stray IoT device – can only connect to authorised applications on the corporate network in a compliant manner.  In the case of attack, Zero Trust can help contain the breach, limit the damage and significantly speed up an organisation’s path to recovery.

 

Finance

THREE STEPS TO ENSURE RECOVERY OF COVID LOANS GOES SMOOTHLY

Published

on

By

In the wake of the pandemic, the government acted quickly to provide financial Covid support packages to help struggling businesses. With the economy now recovering, Mike Hampson, CEO at Bishopsgate Financial explores the range of options available for banks to ensure that those loans are repaid.

 

Since the start of the pandemic, businesses have raised over £75bn[1] from banks and financial markets, through interest-free emergency support schemes. But the harsh reality is that not all loans will be honoured as the economy recuperates.

As a result, banking professionals with client relationship management experience and skills in supporting clients to repay loans in a challenging business environment, will be in high demand.

 

Mike Hampson

Setting up training capabilities for client support post-pandemic

Commercial bankers estimate 60% of new coronavirus scheme loans[4] will default or suffer other repayment issues that will drive previously unseen levels of non-performing loans. It’s a tough balancing act and one that demands careful management of the lending transaction lifecycle, from origination through to collection, recovery, and handling bad debts. Banks no doubt already have frameworks in place to manage these elements, but it’s highly important to make customer interactions as easy as possible and ensure their genuine concern for their customers is clear.

Subsequently, hundreds of workers at major banks including HSBC, NatWest and Metro Bank[5] are understood to be receiving training in how to deal with vulnerable customers and “demonstrate empathy” as the first wave of repayments for coronavirus loans fall due. Staff ‘sensitivity[6] training builds on client-support and workout capabilities, such as improving sensitivity to early-warning systems, developing short-term forbearance solutions and loan modifications, and providing guidance on alternative products.

This approach may further avoid the additional pressure on the UK’s mental health crisis as financial institutions prepare to call in loans issued during the pandemic.

HSBC, which now has 400 staff in its debt collection team,[7] said the aim was to ensure staff had a “consistent understanding of vulnerability” and are “aware of the factors that could make an individual vulnerable” when having repayment conversations with customers.

An executive at another bank said its expanded debt collection team was being trained in “empathy, vulnerability and listening skills”. The individual told The Telegraph: “Ultimately, we don’t want to damage the economy by being overly aggressive.”

A peculiarity of a crisis situation is that customers don’t always know what they will need until that need is pressing. Finding that their bank is prepared to help in unexpected ways will go a long way toward reassuring them.

[2] https://www.law360.com/articles/1355897/

[3] https://www.bishopsgate-financial.com/insights/the-change-perspective/the-change-perspective-2021

[4] https://www.grantthornton.co.uk/insights/how-to-manage-upcoming-non-performing-loans/

[5] https://industryslice.com/NewsLetter/8_33

[6] https://www.telegraph.co.uk/global-health/climate-and-people/covid-19-has-amplified-parallel-pandemic-poor-mental-health/

[7] https://www.msn.com/en-gb/money/other/bank-staff-get-sensitivity-training-before-calling-in-covid-debts/ar-BB1fNMte

Continue Reading

Finance

FOUR STEPS TO INTEGRATING INTELLIGENT AUTOMATION IN THE FINANCE DEPARTMENT

Published

on

By

Marieke Saeij, CEO of Visma | Onguard

 

It’s clear that Intelligent Automation (IA) is still very much an emerging technology, with one indication being that is has only been mentioned a handful of times on Twitter since the beginning of 2021. Results from our latest annual FinTech Barometer reveal a mixed picture in terms of awareness, with half of finance professionals having never heard the term before. Whilst this is unsurprising for a technology concept very much in the ‘early adopters’ stage, organisations can stand to gain real benefits from embracing Intelligent Automation now, particular within the finance department. With this in mind, we explore some of these benefits and share a step-by-step best practice to implementing it into business operations.

 

Intelligent Automation ensures a predictable order-to-cash process

Such is the speed of introduction of new technologies that it’s a challenge for businesses to keep pace. As the newest innovation in finance, Intelligent Automation is one that organisations can’t afford to let pass by. It truly takes financial process automation to the next level. In addition to helping maintain a high-quality customer service, it also complements the existing skillset of finance professionals in the industry.

Marieke Saeij

While Robotic Process Automation (RPA) and Big Data are key innovations for the sector, IA can be likened to an additional layer that enhances existing technologies. By combining applications, this layer is capable of independently assessing situations and determining the appropriate process sequence. It can, for example, fully determine the risk of a specific customer, and can also predict at an early stage which invoices will be paid late, or even not at all, ensuring that finance professionals can then plan accordingly. The result is a reliable and predictable order-to-cash process.

 

The four steps to an IA-proof organisation

While the benefits of IA are numerous, implementing the technology can prove complex, although some are already treading the IA path without knowing it. In this instance it’s crucial to become aware and begin the purposeful process to full integration. Below are the four key steps to becoming fully IA-proof.

  1. Exploring the potential: Brainstorm where automation can be applied

Step one is to examine the extent to which automation can help your organisation. Blue sky thinking is the key here. What is the ideal relationship with the customer? What does the ideal order-to-cash process look like? In this phase, involving multiple departments from within the organisation is key, from management to operations. The finance professionals who have the most contact with customers are likely to have the strongest knowledge of which processes they would like to see automated. With no limits to ideas, it’s best to explore all the opportunities in the entire order-to-cash process and describe broadly the potential value to the organisation.

 

  1. Decipher which data and technology is needed

The second step is to map out which data and technology is required. Working with a specialist, either external or from the internal IT department, is beneficial at this stage to see where the opportunities lie. In many cases, off-the-shelf solutions are already readily available to help make the difference, so it pays to do the research and gain advice where possible.

 

  1. Firm up the strategy

With the plan mapped out, it’s time to fit the pieces of the puzzle together. Which technology and accompanying software is proving most valuable? It’s vital at this stage to analyse the results the organisation is achieving from deploying the right technology and software. It’s also important to outline any limitations and emphasising the potential risk of failure. This is the business case and the basis for the elevator pitch that will be presented to internal stakeholders.

 

  1. Draw up the roadmap and start benefitting from agility

The fourth and final step is prioritisation. The roadmap will describe step-by-step how to move from the undesired current situation to the desired end goal. In the first step, choosing a subproject that is relatively easy to achieve will help gain support from other departments within the business, and provide invaluable experience that can be applied to the more complex components that follow later. This agile approach facilitates a learn-by-doing mindset and allows the following steps to be tackled in a smarter and simpler way.

 

Effective preparation is half the battle

Exploring the potential of automation, mapping the required data and technology, establishing the strategy and laying out the roadmap are the four crucial steps to ensure the foundation for Intelligent Automation. Effective preparation and estimating which technology and accompanying software is needed will help to create a streamlined and error-free order-to-cash process. To ultimately save time and costs, empower finance professionals and maintain customer loyalty, the time for Intelligent Automation is now.

 

Continue Reading

Magazine

Trending

Business1 day ago

HOW TO ENHANCE THE CUSTOMER EXPERIENCE IN YOUR RETAIL STORE

Do you own your own retail store? Are you hoping that 2021 is the year you are able to grow...

Finance1 day ago

THREE STEPS TO ENSURE RECOVERY OF COVID LOANS GOES SMOOTHLY

In the wake of the pandemic, the government acted quickly to provide financial Covid support packages to help struggling businesses....

News1 day ago

SALESFORCE EXPANDS ITS FINANCIAL SERVICES OFFERINGS WITH NEW PRODUCTS FOR CORPORATE AND INVESTMENT BANKING

Tailored tools integrated into Financial Services Cloud support the industry’s transition to digital-first, helping deals get done from anywhere New...

Finance1 day ago

FOUR STEPS TO INTEGRATING INTELLIGENT AUTOMATION IN THE FINANCE DEPARTMENT

Marieke Saeij, CEO of Visma | Onguard   It’s clear that Intelligent Automation (IA) is still very much an emerging...

Technology1 day ago

READING BETWEEN THE BUZZWORDS: DISCOVERING THE POWER OF INTELLIGENT AUTOMATION?

by Yad Jaura, Product Marketing Manager at Netcall    The nature of automation means that new technologies, ideas and solutions are frequently...

Finance1 day ago

FOR THE FINANCIAL SERVICES INDUSTRY TO THRIVE POST-COVID-19, AUTOMATION WILL BE KEY

By Anubhav Mehotra, VP and Head of Infrastructure and Cloud Services for Financial Services at HCL Technologies   The economic...

News1 day ago

CROWN AGENTS BANK ACCELERATES INNOVATION AND GROWTH PLANS WITH THE APPOINTMENT OF HEAD OF FINTECH AND CHIEF COMMERCIAL OFFICER

Industry leaders David Mountain and Joe Hurley appointed to Crown Agents Bank’s Executive Committee The new hires will drive forward...

Finance2 days ago

WHAT IS THE MOST IMPORTANT TECHNOLOGY TREND FOR 2021?

While our world seems to be undergoing lots of economic uncertainty, the world of decentralization is blossoming. And this does...

Finance3 days ago

A BRIEF GUIDE TO TRADING IN CRYPTOCURRENCY SECURELY

Trading in cryptocurrency is becoming increasingly popular in the financial world. Crypto’s huge rises in value over recent months has...

News3 days ago

CHECKMARX APPOINTS ROMAN TUMA AS CHIEF REVENUE OFFICER

Veteran security leader to oversee Checkmarx’s go-to-market strategy and drive demand for developer-centric AST solutions   Checkmarx, the global leader in developer-centric application...

News3 days ago

CASHFLOWS ANNOUNCES GLOBAL PARTNERSHIPS WITH IMX SOFTWARE AND EDYNAMIX TO OPTIMISE PAYMENTS ACROSS A WIDE RANGE OF INDUSTRIES

Each new partner will integrate Cashflows’ acquiring solutions to expand their payment methods, access data in real time to speed-up...

News3 days ago

LINE AND PT BANK KEB HANA INDONESIA LAUNCH LINE BANK IN INDONESIA

The launch of LINE Bank in Indonesia signals a significant expansion in LINE’s fintech business, following the successful launch of...

Business3 days ago

A GLOBAL ESG STANDARD IS ON THE HORIZON. IS UK INDUSTRY READY?

Richard Wall is the Founder and CEO of Emex, which provides ESG and EHS software solutions to businesses    Fifteen...

Finance3 days ago

2021: THE YEAR THE FINANCIAL SERVICES SECTOR WILL ENTER THE ERA OF BOUNDLESS CUSTOMER ENGAGEMENT

Steve Bell, VP EMEA Solutions Consulting, Verint Systems   It can feel like businesses lurch from one disruption to another....

Business3 days ago

HOW TO UP YOUR EMAIL MARKETING GAME IN THE FINANCIAL INDUSTRY

Sam Holding, Head of International, SparkPost   The secret to a successful marketing campaign, no matter the industry, comes down...

News5 days ago

ETRADING SOFTWARE’S DIGITAL TOKEN IDENTIFIER FOUNDATION ESTABLISHES TASK FORCE WITH ASSOCIATION OF NATIONAL NUMBERING AGENCIES ON DIGITAL ASSET STANDARDS

To examine synergies between the DTI and ISIN standards   Etrading Software (ETS), global provider of technology-led solutions designed for...

Finance5 days ago

WHY FINANCIAL SERVICES NEED TO ADOPT LEAN AND AGILE PRINCIPLES

By Philip Farah, AVP Head Digital Transformation Services, Global Accounts at World Wide Technology (WWT)   The financial services industry...

Finance5 days ago

HELP YOUR TEENAGER MANAGE MONEY BETTER

By Kerry Sutherland, certified financial planner at Alexander Forbes   Helping your teenager start good money habits now will serve...

Banking1 week ago

BANKS OF THE FUTURE WILL BE ASSEMBLED, NOT BUILT: HOW BANKS CAN EXPAND AND INNOVATE BY RETHINKING THEIR PARTNERSHIPS

Author: Kelly Switt, Senior Director, Financial Services Strategy, Ecosystem and Strategic Partnerships, Red Hat   The financial services business ecosystem...

Top 101 week ago

SKILLING AND METROPOLITAN X PARTNER TO OFFER ADVANCED TRADING EDUCATION PROGRAM

Skilling, a Scandinavian fintech providing online trading on a wide range of world markets, has announced a strategic partnership with...

Trending