Connect with us

Business

Out of office, home and away, moving up, moving on; when security goes AWOL

Published

on

Steve Bradford, Senior Vice President EMEA, SailPoint 

 

The financial services industry has one of the highest rates of insider data breaches, costing on average $21.25 million in the past year alone. Whether it’s an employee acting with malicious intent, or through accidental data mishandling, staff have access to sensitive information and systems that make them a constant vulnerability. And this threat only escalates when staff go on the move.

With the summer holiday season upon us, thoughts will be turning to well-deserved time off, travel and downtime. However, for many, especially in the financial industry, the notion of waiting until the summer months to sample a new life was not feasible. In the period following Covid, the industry has suffered at the hands of the Great Resignation as burnt-out employees left for new roles. As a result, research from PwC suggests that financial services leaders have had to prioritise employee retention amid the swathes of staff exiting.

This exodus is not just a threat to the workforce itself. It also results in greater threats to resilience, security and compliance. Ensuring that the doors to the organisation’s data are appropriately locked behind them is vital whenever employees are on the move. When a staff member leaves a bank or financial institution, security leaders must ensure they have not inadvertently handed over the keys to the safe as a leaving present. Revoking any and all access and privileges to company data must be a priority.

 

Don’t leave the door ajar 

Disorganised, ill-managed and manually-processed access requirements and identity management protocols are an open invite for security breaches.

However, it is not just those leaving for good that pose a threat. Recently promoted your long-serving payroll manager to a longed-for role in financial oversight? That positive move could result in entitlement creep, where the permissions to data, apps, information and systems she enjoyed in payroll follow her to her new home.

Permission creepers are those staff who collect permissions and access rights as they go through their career, picking up credentials to systems and data as they go. Of course, to restrict the opportunities for hacking, insider threat or illegal or incompliant activity, permissions should only be granted when relevant and required for an individual’s job. However, too many companies allow permissions to creep by not taking a proactive approach to access. This can result in toxic permissions combinations, where employees are granted inappropriate access to the systems, making fraud and error far more likely.

Even a simple summer holiday can provide an open-door opportunity. We are all conscious about signaling to would-be home burglars that we are going away on holiday, and we will take steps to protect our property in our absence. The same principle applies to businesses with staff out of the office on vacation – potentially logging in from insecure locations or signaling to cybercriminals that their attention is elsewhere.

The results of leaving the door ajar are costly. According to the IBM Cost of a Data Breach Report 2021, the average cost of a data breach in the financial sector is $5.72 million.

Permissions creep, unrevoked access and unmanaged identity provide the perfect conditions for the insider threat to propagate. As Gaurav Deep Singh Johar, of the Information Systems Audit and Control Association explained, “While these challenges are present in any institution, insider threats pose a greater risk for banks. There is a big reputational impact, thanks in part to increasing regulatory oversight.”

 

Don’t let permissions security set sail into the sunset

Financial organisations are complex landscapes, with labyrinthine corporate structures and siloes that cast a dark shadow over access and identity visibility. However, identity security technology is moving fast. Now, automated systems powered by AI and machine learning mean that permissions can be automated and access granted on a need-to-know basis, based on individuals’ employment status, roles, and responsibilities.

An automated system will quickly track down and disable ex-employees’ accounts and automatically halt permissions creep as employees move about the organisation.

The same technology can now also be even more diligent than that, monitoring access requirements based on any change in the workforce, like people being out of the office.

The evolving variety and fluctuating workforce mean that the insider threat can only be met with automated, streamlined identity security that moves as quickly as employees themselves. Without intelligent, streamlined identity governance, banks cannot ensure they are in a state of compliance, nor ensure cybersecurity in real-time. They also miss out on opportunities to improve operational efficiency and reduce the risk of fraud and error. Automation also ensures the accuracy and completeness of data sets so critical for keeping on top of compliance and delivering critical services.

As financial workforces are on the move, home and away and to pastures new, now is the time for banks to give identity security its time in the sun. Do not let shifting sands collapse the walls around you. Wherever your employees are coming from and going to, robust security and sustained compliance start with automated identity management.

 

Business

CBDCs: the key to transform cross-border payments

Published

on

By

Dr. Ruth Wandhöfer, Board Director at RTGS.global

 

If you work in finance, you’ll have been hearing a lot about central bank digital currencies (CBDCs) and the moves different markets are making towards using, regulating and evaluating the viability of moving to an economy based on digital currency.

We are already seeing progress in the research, piloting and introduction of CBDCs into the financial system. The Banque de France for example, recently launched its second phase of CBDC experiments in line with the “triple digital revolution” unfolding in the financial sector. The infrastructures of financial markets and fintechs, however, are not prepared to accommodate their security, stability, and viability.

This could be an issue in the not too distant future. Each year, global corporates move nearly $23.5 trillion between countries, equivalent to about 25% of global GDP. This requires them to use wholesale cross-border payment processes, which remain suboptimal from a cost, speed, and transparency perspective. In fact, the G20 cross-border payments programme considers improving access to domestic payment systems that settle in central bank money, as one of the key components in facilitating increased speed and reducing the costs of cross-border payments.

The current state of cross-border payments

International transactions based on fiat are currently slow, expensive, and highly risky due to today’s disconnected financial infrastructure, messaging, and liquidity. Wholesale cross-border payment settlement can take 48 hours or longer, which is not practical in today’s digital world. Even if not every market moves to CBDCs, in an increasingly digital era, cross-border settlements between central banks will unavoidably involve dealing with CBDCs. So, not only will we have different currencies, we’ll have different technical forms of currency being exchanged – digital and fiat – as markets adopt CBDCs at different rates, adding another layer of complexity to cross-border settlements.

While there is much anticipation about the opportunities CBDCs can bring, the adoption of this technology will only be widespread if payment and settlement capabilities are overhauled to allow for new innovations in currencies.  This need for transformation represents an opportunity to redesign existing infrastructure to support cross-border CBDC transactions.

The current cross-border payments system involves correspondent banks in different jurisdictions using commercial bank money. Uncommitted credit lines used in cross-border transactions are a potential risk for any bank that relies on credit provided by a foreign correspondent bank. Interestingly, there is no single global payment and settlement system, only a complicated network of interbank relationships operating on mutual trust. While trust has allowed financial systems to function smoothly, when it begins to fail, as it did during the 2008 financial crisis, the result can be catastrophic.

Following the crisis, the Bank for International Settlements (BIS) implemented the Basel III agreement, which required banks to maintain additional capital against correspondent banking account exposures. These risk-weighted assets impose a costly capital charge on positions held by banks at other banks under correspondent arrangements. While this framework helps combat risk, it neglects to address the inherent problems in traditional correspondent banking that contribute to these risks.

Making the case for CBDCs

CBDCs can offer an improvement in settlement risks and are certainly thought to have potential benefits by the BIS. If implemented correctly, wholesale CBDCs can indeed accelerate interbank transactions while eliminating settlement risk. They can also encourage a more efficient and straightforward method of executing cross-border payments by reducing the number of intermediaries.

It is likely the evolution towards CBDCs will initially see the financial market supplement rather than replace existing payment instruments with new types of digital currency. CBDCs will coexist with current forms of money in a wholesale context, and their payment rails will also work alongside the existing payment systems. In simple terms, CBDCs will need to be linked to the broader capital markets ecosystem and applications such as securities settlement, funding, and liquidity.

If built with an innovation-first mindset, the future of banking infrastructure should provide full interoperability and convertibility between fiat, CBDCs, and any other type of digital money used in wholesale payments.

The future of CBDCs

To unlock the full potential of CBDCs, a ‘corridor network’ will need to be formed. This involves combining multiple wholesale CDBCs into a single, interoperable network under common governance agreed upon by all central banks involved. The legal framework of this platform would then allow for payment versus payment (PvP) or, where applicable, delivery versus payment settlement.

Practical wholesale CBDCs appear to be on the horizon, either as a supplement to existing financial systems or as part of a transition to a digital, cashless world. Looking ahead, central banks would benefit from collaborating with fintechs that provide innovative cloud native technology to enable seamless wholesale cross-border payments without interfering with the flow of funds. If wholesale CBDCs are to become a reality, fintechs must be prepared to accommodate them.

 

Continue Reading

Business

Green growth: The unstoppable rise of climate technology investment

Published

on

By

With the investment community focusing more and more on renewable technologies, investor interest is at an all-time high. Ian Thomas, managing director, Turquoise, reviews the current investment landscape and highlights the opportunities for investors keen to capitalise on this growing trend.

Green, or climate, finance is a label for providers of finance who are supporting investments seeking positive environmental impact. The label covers investments in green infrastructure, venture capital investment in clean technologies and renewable energy. Green finance has grown by leaps and bounds in recent years, supporting public wellbeing and social equity while reducing environmental risks and improving ecological integrity.

Worldwide, energy investment is forecast to increase by 8% in 2022 to $2.4 trillion, according to a new report by the International Energy Agency, with the expected rise coming mostly from clean energy – $1.4 trillion in total. To put this rocketing figure into some perspective, clean energy investment only rose by 2% annually in the five years following the signing of the Paris Agreement in 2015. Energy transition investment has some way to go, however – between 2022 and 2025, to get on track for global net zero, it must rise by three times the current amount to average $2,063 billion. [1]

Turquoise has been active for almost 20 years as a venture capital investor and adviser to companies in the climate technology space that are raising capital and/or selling their business to a strategic acquirer. Reviewing current industry investment news, as well as drawing on examples from the portfolio of Low Carbon Innovation Fund 2 (LCIF2), managed by Turquoise, I have commented below the latest on the renewable energy trends most piquing investor interest.

 

Solar PV

Renewable power is leading the charge when it comes to investment, with wind energy and solar PV emerging as the cheapest option for new power generation across many countries, and now accounting for more than 80% of total power sector investment. Solar power is responsible for half of new investment in renewable power, with spending divided roughly equally between utility scale projects and distributed solar PV systems.

This huge increase in solar spending, which continues in spite of supply chain issues affecting raw material delivery, has been driven by Asia, largely China (BloombergNEF, 2022). Meanwhile, Europe is re-doubling its efforts to achieve an energy transition away from Russian gas and other fossil fuels, building on investment that was already rising steadily prior to the outbreak of war in Ukraine. Germany, the UK, France and Spain all exceeded $10 billion on low-carbon spending in 2021.[2]

 

Wind

Last year was a record year for offshore wind deployment with more than 20GW commissioned, accounting for approximately $40 billion in investment. The first half of 2022 saw $32 billion invested in offshore wind, 52% more than in the same period in 2021 (BloombergNEF, 2022). Taking into account also onshore wind, in 2021 investment was spearheaded by China, followed by the US and Brazil.[3]

In the UK, suggested targets include plans to host 50GW of offshore wind capacity, as well as 10GW of green and blue hydrogen production, by 2030. Investors will naturally be encouraged by proposals to simplify the planning process across the board for renewable projects.[4] France and Germany have also increased their offshore wind targets, signalling further support for investment.

 

Decarbonising housing: the business opportunity

The need to decarbonise residential housing, made all the more urgent by current energy prices, also offers substantial scope for investment. The gas price spike is naturally increasing interest in technology such as electric heat pumps, which had already enjoyed 15% growth in 2021 albeit from a very low base.

Recently, Turquoise announced an investment by Low Carbon Innovation Fund 2 (LCIF2) in Switchd, which operates MakeMyHouseGreen, a data-driven platform that allows homeowners to source and install domestic renewable energy generation, including solar panels and battery storage with other energy saving products in the pipeline. The investment will enable Switchd to roll out the MakeMyHouseGreen platform to a much larger number of customers. The latest episode of the Talks with Turquoise podcast series saw us interview Switchd co-founder Llewellyn Kinch about the UK energy market and national transition to decarbonisation, covering the rise of residential renewable energy and energy efficiency.

 

Adapting to the low-carbon economy

Meanwhile, investors should not forget opportunities on the other side of the energy market. Renewables are undoubtedly exciting investors, but there are also opportunities for fossil fuel companies to adapt their business models to the low-carbon economy. Turquoise advised GT Energy, a portfolio company from our first fund that develops deep geothermal heat projects, on its sale to IGas Energy, a leading UK onshore oil & gas producer. Under IGas ownership, GT Energy will progress its flagship 14MW project to supply zero-carbon heat to the city of Stoke-on-Trent through a council-owned district heating network.

 

A broad investment landscape

Forecasts show that renewables will increase to 60% of power generation in Europe by 2030, and 40% in the US and China by the same date.[5] As demand rises for climate technology, the investment opportunities in green finance are far broader than they ever have been. Undoubtedly, as the energy crisis continues, investor interest will continue to soar to even greater heights.

[1] https://www.iea.org/news/record-clean-energy-spending-is-set-to-help-global-energy-investment-grow-by-8-in-2022
[2] https://ihsmarkit.com/research-analysis/global-power-and-renewables-research-highlights-july-2022.html
[3] https://dialogochino.net/en/uncategorised/56938-global-wind-energy-council-vice-chair-brazil-offshore-wind-accelerating-2/
[4] https://www.edie.net/uks-clean-energy-investment-ranking-rises-after-government-sets-95-low-carbon-electricity-target-for-2030/
[5] https://www.spglobal.com/en/research-insights/featured/energy-transition-renewables-remain-the-cornerstone-of-future-power-generation

Continue Reading

Magazine

Trending

Business10 hours ago

CBDCs: the key to transform cross-border payments

Dr. Ruth Wandhöfer, Board Director at RTGS.global   If you work in finance, you’ll have been hearing a lot about...

Business10 hours ago

Green growth: The unstoppable rise of climate technology investment

With the investment community focusing more and more on renewable technologies, investor interest is at an all-time high. Ian Thomas,...

Business11 hours ago

Bolstering know your customer processes as regulation tightens

Nick Payne, banking services, customer advisory, SAS UK & Ireland, discusses how new technologies allow financial services companies to develop rigorous KYC...

Finance11 hours ago

The penny has dropped – the finance sector needs Data Governance-as-a-Service

By Michael Queenan, Co-Founder and CEO at Nephos Technologies   In our data-driven world, the amount of data is growing...

Business11 hours ago

Seven tips for financial services brands using mail

By Cameron Russell, Head of Marketing at Marketreach   Customer experience (CX) is a powerful differentiator for modern brands. If...

Top 1012 hours ago

Turn the data landfill into an insight goldmine

Andrew Watson, CTO, MHR Today, businesses have access to a wealth of data, with vast amounts of information created daily....

Business12 hours ago

A Culture of Cyber Security Throughout Financial Services Organisations

Michael Cantor, CIO, Park Place Technologies Financial Services organisations have long been a top target for cyber-attacks given both the...

Business3 days ago

Financial Stability Board Gives Full Support to Wide LEI Use in Global Payments

Clare Rowley, Head of Business Operations at the Global Legal Entity Identifier Foundation The strongest recommendation yet by the Financial...

Business3 days ago

On-demand pay: why payroll needs a modern approach

Byline:  Paul Bartlett, CEO, CloudPay   While the world of work has evolved drastically over the last decade, payroll has...

Business3 days ago

 ‘What should real estate investors be doing now – has the market hit rock bottom or is now the time to buy?’

Following many years of housing prices soaring and competition steadily increasing, real estate growth has finally started to slow, likely...

Business4 days ago

Expert Guide for Email Marketing to Improving Your Conversion Rates

If you talk about email marketing campaigns, it would seem like an old-fashioned advertising style. But it is still an...

Banking6 days ago

Augmented automated underwriting and the evolution of the life insurance market

By Alby van Wyk, Chief Commercial Officer at Munich Re Automation Solutions   It’s almost inevitable. Spend your working life...

Banking1 week ago

ESG in the finance and banking industry – are you ready?

By Julian Moffett, CTO BFSI, EDB   Environmental, Social and Governance (ESG) has soared towards the top of banking, financial...

Top 101 week ago

An Entrepreneur’s Guide to Investing in Bitcoin

Marcus de Maria, Founder and Chairman of Investment Mastery.   Over recent years, Bitcoin has been steadily growing in popularity...

Business1 week ago

Overcoming macroeconomic challenges

By Mike Chambers, formerly CEO of Bacs and a consultant at Access PaySuite.   For businesses offering a subscription-based service, the...

Banking1 week ago

How unlocking the potential of tokenised markets can help banks keep pace with the digital economy

Giulia Secco is the Strategic Partnership & Ecosystem Manager at Fnality International.   In the aftermath of the 2008 financial...

Banking1 week ago

The role of Artificial intelligence in compliance at banks

Sujata Dasgupta, Global Head – Financial Crime Compliance Advisory, Tata Consultancy Services   There’s not a financial institution across the...

Technology1 week ago

Scaling securely in the automation-first era

By Brandon Traffanstedt, Sr. Director, Field Technology Office at CyberArk   Robotic process automation (RPA) has been one of the...

Business2 weeks ago

Putting technology to work on entrepreneur fund-raising

By Simon Glass, CEO, Qodeo   Human relationships are behind the most successful venture capital deals. The chemistry between an...

Finance2 weeks ago

Why leveraging strong identity verification is the key to remaining competitive for financial services

By Philipp Pointner, Chief of Digital Identity at Jumio   With the recent revelation that Facebook is allowing sales of...

Trending