Connect with us

News

Observability and security must converge as the financial services sector goes cloud-first

Published

on

A new Dynatrace report highlights key vulnerability management challenges for banks and insurers.

With AWS Summit taking place July 12 in New York City, Dynatrace will release new data from its global chief information security officer (CISO) survey, revealing the state of vulnerability management in the financial services sector.

“The 2022 CISO Research Report: Financial Services” is based on the responses of 325 IT professionals within banks, insurers, and financial services providers. It reveals the majority of organizations have adopted multicloud environments, cloud-native architectures, and open source code libraries to support efforts to deliver new digital solutions to customers.

The data indicates, however, that organizations’ adoption of these approaches has created significant challenge for financial services organizations in managing and reducing enterprise risk as they innovate. In total, 75% of CISOs within financial services organizations say vulnerability management has become more difficult as the need to accelerate digital transformation has increased.

Layered security strategies are not enough

The rise of modern cloud environments has created a challenge for IT, development, and security teams within the financial services sector. While microservices, Kubernetes, and serverless computing deliver significant benefits for digital banking innovation, these architectures also make application security more complex. To overcome this, 58% of financial services organizations have a layered cybersecurity posture, supported by five or more different types of security solutions. However, even with this robust, layered approach to cybersecurity, the Dynatrace data reveals more than 75% of CISOs in the financial services sector believe their current security posture is not strong enough to keep vulnerabilities from entering production.

“The financial services industry is experiencing significant change, driven by evolving customer demands and intense competition from digital-first providers,” says Amit Shah, Director of Product Marketing, Application Security at Dynatrace. “However, this growing pressure to innovate faster is creating more risk of vulnerabilities escaping into production. It’s now clear that layered security is not enough, as teams simply can’t access all of the context they need to prevent every vulnerability from escaping. As a result, it’s increasingly difficult for them to manage the security of their applications, which could leave sensitive financial data and critical transactions at risk.”

In addition to the challenges created by cloud-native environments, 49% of CISOs said the speed of software delivery makes it easier for vulnerabilities to re-enter production. According to the research, just 6% of financial services organizations have real-time visibility into runtime vulnerabilities.

 

The impact of open source code on runtime application security

Many financial services organizations are already using other methods, such as open source code, to speed up or assist transformation efforts. These approaches, however, can also create security issues, with vulnerabilities regularly emerging in third-party software libraries.

According to the Dynatrace data, just 31% of security teams can access a fully accurate, continuously updated report of every application and code library running in production in real time. Additionally, 29% of CISOs said they do not always know which third-party code libraries they have in production at any given time. The recent discoveries of the Log4Shell and Spring4Shell vulnerabilities have highlighted the impact of susceptible third-party code. The Dynatrace study finds 96% of financial services organizations faced risk exposure from Log4Shell, with over a third saying their risk was “high” or “severe.”

In many cases, security solutions that detect vulnerabilities lack the runtime context needed to enable financial services teams to differentiate a minor flaw from a severe risk. As a result, many of the alerts they receive are low risk, and the sheer volume makes it difficult for security teams to distinguish the serious issues from the relatively harmless ones. Data indicates teams receive, on average, more than 2,200 alerts to potential vulnerabilities monthly, making it nearly impossible to see the forest for the trees. The frustration for CISOs is clear, with 75% of respondents confirming that most of their security alerts and vulnerabilities are false positives that don’t require action because they are not true exposures.

 

Promoting DevSecOps culture and IT automation

In this era of fast-paced digital transformation, financial services organizations must treat security as a shared issue across the business — which calls for a convergence with observability. Instituting a development, security, and operations-merged (DevSecOps) culture is an important step in achieving this. According to the Dynatrace data, only 37% of financial services organizations have a mature DevSecOps culture, where the majority of teams have integrated security practices across the software development lifecycle (SDLC). Implementing a DevSecOps practice is key to converging observability. It provides development, operations, and security teams with the context needed to understand how their applications are connected and where the vulnerabilities are. Dynatrace data finds 82% of CISOs in the financial services sector agree security must be a shared responsibility across the software delivery lifecycle, from development to production.

“If security becomes a shared responsibility,” Shah says, “and organizations converge observability and security, they can accelerate risk management and incident response by giving teams the context needed to make more effective decisions. To be truly effective, financial services organizations should look for solutions that have AI and automation capabilities at their core. These solutions empower teams across banks and insurers to quickly identify and prioritize vulnerabilities at runtime, block attacks in real time, and remediate software flaws before they can be used to exploit sensitive financial data and transactions.”

News

Union Bank of India goes live with RuPay Credit Card on UPI with Kiya.ai as a technology partner

Published

on

By

Nitesh Ranjan, ED Union Bank of India with Rajesh Mirjankar, Managing Director & CEO, Kiya.ai at the launch

 

Kiya.ai, one of the most innovative digital solutions providers in India, announced that Union Bank of India was among the first banks to launch NPCI’s UPI linked to Rupay Credit Card and UPI Lite on the unified payments interface (UPI) platform with Kiya.ai as their technology partner in this achievement.

The announcement comes after the RBI Governor Shri Shaktikanta Das and National Payments Corporation of India (NPCI) launched RuPay credit card on UPI, UPI Lite and Cross Border payments for BBPS at Global Fintech Fest 2022.

Until now, UPI allowed the linking of bank accounts by mapping an account linked with a mobile number and an savings / current account. Earlier in June 2022, the RBI allowed the linking of credit cards with UPI, stating that RuPay credit cards would be initially linked with UPI “to provide additional convenience to users and enhance the scope of digital payments”.

Rajesh Mirjankar, Managing Director & CEO, Kiya.ai, “We are extremely delighted to partner with Union Bank of India in this pilot project of linking RuPay Credit card on UPI. Kiya.ai has partnered with Union Bank of India for various digital payment initiatives including UPI, UPI Lite, UPI linkage to credit card, and sandbox for API banking.  The linking of credit card to UPI will significantly enhance high-volume transactions while also increasing average amount per transaction given the ease of using credit facility on UPI. This is a game-changing initiative as it will ensure safe and contactless transactions, reducing the risk of credit card frauds too.”

Mr. Nitesh Ranjan, ED Union Bank of India said, “We are pleased to embrace the decision taken by the Reserve Bank of India and NPCI to enable Rupay credit cards through UPI. Union Bank of India is proud to be a part of this launch. This is a game changer as one would be able to use a credit card for doing payments using UPI. We are excited to partner with Kiya.ai on this journey, and together, we can provide a smooth user experience to customers and make India even more digitally advanced.”

As part of the pilot project, NPCI will integrate the UPI AutoPay feature with credit card transactions to reduce the risk of defaults on credit card payments.

Continue Reading

News

UK leaves Europe trailing in its embrace of digital banking

Published

on

By

  • People in the UK have embraced digital and online banking in a way that those across the rest of Europe have not, new research by CRIF finds
  • UK consumers are now twice as likely to prefer to apply for financial products and services online via website or in-app, compared to people in other parts of Europe
  • More than half of Europeans still prefer to apply for new financial products in-person
  • The research comes during the cost of living crisis where people in the UK are increasingly looking for greater support from their financial providers

UK consumers are significantly ahead of their European counterparts in their embrace of digital forms of banking, new data shows.

The research, commissioned by Europe’s leading provider of consumer and business credit information – CRIF – surveyed thousands of people in countries across the continent including France, the Czech Republic, Italy, Germany, Slovakia, and the UK, to better understand their attitudes towards financial services.

The findings show that people in the UK are nearly twice as likely as other Europeans to prefer applying for financial products and services online via website or app, including through online chat or video call functions (59% vs 33%)

It also finds that over half (53%) of Europeans still prefer to apply for new financial products – such as current accounts, credit cards or loans – in-person at a local bank branch. In comparison, in the UK only around one in five (23%) would now prefer to go in-person, showing consumers’ embrace of a digital-first approach to banking.

The data underlines the advancements and innovations that the UK’s financial services and fintech sectors have made when compared to other sectors across Europe. The UK continues to be Europe’s most attractive location for international investment into financial services*, with the UK’s fintech sector securing more than $9bn of investment in the first half of 2022, ahead of Germany, Europe’s second biggest fintech destination, with $2.4bn.**

Sara Costantini, CRIF’s Regional Director for the UK & Ireland, said:

“In a digitally dominated world, the way in which we go about our daily lives has changed. And nowhere more so than in banking and financial services. Our research shows that the UK leads the way in Europe when it comes to embracing digital and online methods, but there is still more we can do to utilise digital technologies to help more UK consumers to manage their finances.

“While some are reluctant to share data as they are worried about fraud and security, we should work to allay these fears. Technologies such as open banking are not only safe but can lay the foundations for increased financial support during the current economic crisis.

“Financial providers must do more to educate their customers about the benefits of online and other digital forms of banking to not only help them during the cost of living crisis, but also to drive widespread financial wellbeing and inclusion for all.”

While the UK’s embrace of digital financial services in comparison to the rest of Europe is positive, the research identifies several key challenges to furthering this progress and providing consumers with better services at a time when the cost of living is putting considerable pressure on people’s finances.

Despite growing demand in the UK for more tailored financial products and services – with 34% saying banks should doing more here to meet people’s specific needs at this time – nearly one in five (18%) are still concerned that they would be sold products which aren’t right for them.

When the issue of data is raised, over two-thirds of UK consumers (67%) express concerns that sharing financial data leaves them more open to fraud, underlining the need to educate and reassure customers that innovations like open banking have high security standards and enables a range of consumer benefits.

However, despite this hesitance, more UK consumers are acknowledging the benefits that sharing more of their financial information with providers can bring. CRIF’s research finds around a third of people in the UK would be prepared to share more financial information if it helped providers to better assess their financial situation and improve their ability to borrow (35%) or increase their credit limit (31%). The fact that there are more than 6 million active users of open banking services in the UK reflects this change*** and makes the country the leading adopter of open banking in Europe. ****

The research also shows that younger generations (18-34s) in the UK are significantly more willing to share their data with financial providers, with 53% saying they’d be comfortable doing so if it enabled them to qualify for higher levels of borrowing.

These findings are part of wider research by CRIF into the cost of living crisis in Europe, and its impact on consumer attitudes towards banking and financial services. The full report, Banking on Banks, will be published later this month.

 

Continue Reading

Magazine

Trending

Finance2 days ago

Mini-Budget 2022:

Tax giveaway is a boost for business, but will it drive growth or fuel inflation?   Chancellor Kwasi Kwarteng has...

Finance2 days ago

A zero trust environment is critical for financial services

Boris Bialek, Managing Director of Industry Solutions at MongoDB Not long ago security professionals were still focused on protecting their...

Banking2 days ago

Digital Banking – a hedge against uncertainty?

Ankit Shah, Head of Digital Banking, Apex Group   The story of the 2020’s thus far is one of crisis....

News3 days ago

Union Bank of India goes live with RuPay Credit Card on UPI with Kiya.ai as a technology partner

Nitesh Ranjan, ED Union Bank of India with Rajesh Mirjankar, Managing Director & CEO, Kiya.ai at the launch   Kiya.ai,...

Finance3 days ago

Anyone Can Become an R&D Tax Expert with the Right Foundations

Ian Cashin is a Customer Success Manager at Fintech company and R&D tax software provider WhisperClaims   For accounting firms,...

Business3 days ago

Addressing the ongoing global pilot shortage issue

By Bhanu Choudhrie, Founder of Alpha Aviation   The Covid-19 pandemic brought the aviation industry to a halt, causing vast...

Business3 days ago

How exporters can mitigate risks and operate smoothly in stormy, post-Brexit waters

By Morgan Terigi is Co-Founder and CEO of Incomlend   The past few years have presented a series of hurdles...

Business3 days ago

From employees to customers, workforce management can benefit the entire banking ecosystem

Michael Cupps, SVP of Marketing of ActiveOps explores the significant impact workforce management can have on the employees and customers...

Business4 days ago

Redefining the human touch with digital transformation

Simon Kearsley, CEO of bluQube   It may not be a new phrase, but digital transformation is still inducing anxiety...

Finance7 days ago

CFOs – the forgotten ally in the fight against ransomware

Justin Vaughan-Brown, VP Market Insight at Deep Instinct   Ransomware attacks have nearly doubled in the past couple of years....

Technology1 week ago

7 cost benefits of cloud accounting software

By Paul Sparkes, Commercial Director of iplicit, an award-winning accounting software developer   Is your accounting software having a laugh...

Business1 week ago

How does Identity Access & Privileged Access Management help in PCI DSS Compliance?

Narendra Sahoo is a director of VISTA InfoSec. Introduction The Payment Card Industry Data Security Standard also commonly referred to...

Finance1 week ago

Listed private debt deserves a closer look from investors

By Michel Degosciu, Managing Partner, LPX AG Over the past few years, the private debt asset class is attracting serious...

Banking1 week ago

Security vs online payment convenience: which one is tipping the scales for customers?

 Chirag Patel, President of Digital Wallets at Paysafe.   While keeping their payment details safe is a top priority for...

Business1 week ago

The Tool and Tips to Truly Get Started with No-Code Development

Author: Chris Obdam, CEO of Betty Blocks   Throughout the legal industry, firms and in-house departments are leveraging legal tech...

That’s where Netcall’s Liberty Create came in. Create is a new breed of low-code software solution, built for both business users and professional developers That’s where Netcall’s Liberty Create came in. Create is a new breed of low-code software solution, built for both business users and professional developers
Business2 weeks ago

How ReFi Will Transform Finance

– by Ransu Salovaara, CEO of carbon platform Likvidi   Humanity faces a multitude of threats, many of which are...

Business2 weeks ago

THE NEXT WAVE OF FINTECH IS HERE

Much has been made of the ‘second generation’ fintech movement recently, but what have these businesses learned from those entering...

News2 weeks ago

UK leaves Europe trailing in its embrace of digital banking

People in the UK have embraced digital and online banking in a way that those across the rest of Europe...

Business2 weeks ago

The rise of automation and its impact on the CFO & CIO

By: Gert-Jan Wijman, VP Europe, Middle East and Africa at Celigo   On the back of the pandemic, organisations have...

News2 weeks ago

Managing fuel spend during unprecedented volatility

Attributed to Paul Holland, MD of UK Fleet, Allstar Business Solutions   With the price of fuel on everybody’s minds,...

Trending