Connect with us

Business

The Four Pillars for a Powerful Tech Partnership

Published

on

By Eric Lefebvre, Chief Technology Officer at Sovos.

 

Many technology vendors will make all sorts of promises and claim to have miracle solutions for your business needs. However, it’s important not to be swayed by vendor promises. Instead, it is critical to have a set of standards and criteria for the tech your business uses and needs. This will guarantee that you are making the right purchases from the right vendor.

If you’re seeking a reliable partner, you should validate four core pillars of a vendors’ solution: reliability, scalability, security, and experience. By taking this precautionary measure, you’ll be able to identify the perfect match.

Reliability is key

According to the U.S. Census Bureau, 2021 set the record for the highest percentage of people working from home. With this quick shift to remote working throughout the pandemic and with little time to prepare, many businesses faced the sudden challenge of creating and developing digital adoption strategies in order to simply stay afloat during this period of change. Paired with the increasing consumerisation of technology and the always-on/always-available culture, IT teams need to ensure that the technology solutions they provide need to work all the time, with minimal disruption.

Being able to depend on your technology partner’s expertise to support your company and help keep up with these unprecedented changes is a key factor in building a successful business relationship. Technology is always evolving, and businesses should be able to place total trust in their tech partner to handle any back-end tech issues. Having a reliable partner ensures that businesses won’t lag behind as these market changes occur.

Scalability support

As the online market expands, many businesses are evolving or implementing digital solutions to capitalise on this growth. Businesses that are experiencing rapid growth and expansion in the market should not be hindered by a lack of experience or involvement in technology.

Eric Lefebvre

When searching for a technology partner, it is important to find one that will propel your company forwards in every way, especially digital transformation. For instance, Renolon reported that, on average 93.79% of businesses use social media platforms like Facebook, Instagram, and others to reach their markets. With the rapidly changing needs of businesses and their consumers in today’s market, it’s important to ask if your vendor partner is prepared to support a sudden increase in sales volume, should your business experience an unanticipated response to a media campaign – even something as random as an influencer promoting your product/services on Tik Tok. This is not an uncommon occurrence and businesses can experience exponential growth as a result of these reasons.

The right partner, committed to supporting the expansion of your services, products, and reach into the digital space, will enable your business to reach its goals and objectives as quickly as possible.

Secure systems

Security is inevitably a key consideration when entering a partnership with a technology vendor because they will be responsible for preserving a business’ functionality. It’s vital to assess your partner’s security posture, given that your sensitive business and customer data will be vulnerable to exposure on systems and networks that are beyond your control. Choosing the right partner should give you peace of mind as they will do their utmost to keep you safe from cyberattacks, hackers and data leaks, which will ultimately protect your reputation.

You should be able to trust your technology partner with all the information they need to improve your business. Your partner should be keeping up with your business in every sense, including minimising security threats in the digital space. Providing secure IT solutions and services to your organisation is essential for a successful partnership.

The people and the tech make up experience

Effective technological support is an important part of any business operation, and it’s something that you should be able to count on your provider to commit to. In the search of a partner, it’s essential to understand what level of tech support they can provide. Evaluating this will help to determine if they’re the right fit for your business and if they can meet your business needs.

What’s more, when partnering with a provider that takes the people factor into account, you can be sure that employees and customers will have a positive experience with your business. This, in turn, leads to improved morale, loyalty, and retention. According to a survey conducted by Partner Path, solution providers ranked the ‘People Pillar’ as the most important factor when considering any partner experience.

A first-class experience affords easy access to various business solutions, imparts the domain expertise and knowledge required to make the convoluted appear effortless, and provides products that are so intuitive that guidance is scarcely needed. Technology companies such as Stripe, Square and Uber cemented their widespread reputation outside of their target market, simply because of their user-friendly nature.

All in all, the right technology partner can help improve and scale your business in many ways – they can help shorten your sales processes, improve customer and employee experience, and better meet user needs.

Turning the tide with the right tech partner

Essentially, like any partnership, it all comes down to trust. So, keep in mind those key components listed above – reliability, scalability, security, and experience – and you’ll be able to find yourself a trustworthy IT partner.

Of course, the right tech partner will be different for every business. But, it’s crucial to ensure your potential partner can deliver on these crucial areas that are specific to your organisation’s needs to build trust and create a successful partnership. A business / vendor relationship is only as strong as the trust between them.

Business

Shoring up defences to take advantage of the cloud

Published

on

By

By Dave Waterson, CEO, SentryBay

 

The banking industry is embracing all the benefits that the cloud offers and slowly but surely moving its infrastructure over. The motivations for migrating include greater control of costs, access to reliable, constantly updated and optimised technology and an ability to build competitive advantage.

Alongside this, however, is the risk of exposure to cyberattacks.

The dynamic environment of the cloud removes organisations from total control of their network operations. In many cases, the cloud service provider takes responsibility for, at least, some of the systems and policies which ordinarily would be monitored by the company. Shifting data from secure on-premises networks into the cloud opens opportunities for cyber attackers and makes it easier for data to be leaked, which is why according to IBM nearly half of all data breaches happen in the cloud.

There is also the issue of compliance. A cloud environment typically enables large scale user access, but meeting with regulations such as GDPR, PCI DSS and HIPAA necessitates strict access control. If banks and financial services companies cannot demonstrate full adherence with regulations they are at risk, not just of a data breach, but of hefty fines for non-compliance.

The key to a successful cloud migration is strategic planning. Having a clear picture of the vulnerabilities that may occur as a result of moving data, applications and platforms into the cloud allows banking organisations to put defence mechanisms in position.

Securing endpoints

Perhaps the most obvious place to start is with the devices that will be used to access cloud-based systems. Laptops, corporate PCs, home PCs and smartphones are vulnerable. It takes just one keylogging attempt on an unmanaged laptop that is logging remotely into an online bank account to put that employee at risk of personal theft. It can equally take one malicious screen capture incident to grab the log-in details for the bank’s network and allow a bad actor access to the data of thousands of customers’ bank accounts. These are just two examples of common malware that frequently attack systems that are unprotected.

The rapid shift to remote working followed by hybrid models that allow employees to work in offices or from home have provided greater flexibility for workforces. For banks and financial services organisations however, this has created a huge headache when it comes to managing security. IT teams whose job previously was to monitor and log activity within a secure controlled location, are now expected to monitor the same activity, but across app virtualisation services such as Azure Virtual Desktop and SaaS applications like w365 with no direct visibility of the devices that are being used.

So, for a cloud migration to be successful and risk free, banks must recognise these vulnerabilities and start from that perspective.

Never trust, always verify

In a cloud environment even more than on-premises, the traditional approach to security which presumes that cyber attackers are always on the untrusted side of the network, and trusted users are always on the trusted side, should be put aside in favour of adopting a zero trust approach. This is a model that trusts nobody and assumes that all devices are untrustworthy. It means that access to the system is denied completely until the employee and their device have been verified.

The risk of an attack is now so great, and the belief in zero trust so strong, that the Spiceworks Ziff Davis 2022 State of IT report, carried out among over 1000 technology buyers in North America and Europe, found that 65 percent of companies in Europe were implementing, or planning to implement zero trust security solutions within two years.

The importance of wrapping data & applications

With zero trust in place, banks should turn their attention to building a layered approach to cybersecurity. Internet security, anti-virus software and securing the wireless network with virtual private networking (VPNs) still have an important role to play, but what is needed now as the threat landscape becomes more complex, is dedicated solutions that containerise data and applications securely, so they are wrapped against the threat of cyberattacks particularly from keyloggers, screen capture malware and other forms of cyberattack.

This type of security solution, which protects data entry on all devices, but particularly those that are used to remotely access cloud-based apps is essential to a layered approach and works without needing to identify the malware. It is also scalable, allowing banks and financial services companies to approach security as a continuous process. This is particularly important when it comes to compliance and is fully in line with regulations such as PCI DSS which requires continual reassessment and remediation of problems when personal and payment data is being handled.

Cyber threats have evolved to take advantage of weaknesses in the cloud, and the solutions that organisations use to tackle this pervasive problem also need to evolve. Delivering a mechanism that prevents an attack and which is easy for employees to deploy, wherever they happen to be working, and on whatever device, is a significant way of meeting the challenge.

The message, therefore, for the financial industry as it manages its migration to the cloud is to ensure a layered, integrated suite of security is in place as part of a zero trust approach. This will mitigate attacks and shore up defensive walls enabling them to fully maximise all the advantages that the cloud can bring.

Continue Reading

Business

Ransomware chokes COBRA: How AI-powered data analysis can support financial services’ plight

Published

on

By Toby Butler, Financial Crime Solutions Manager at Ripjar

 

Ransomware attacks are on the increase in the United Kingdom. Most of the British Government’s COBRA meetings have been convened in response to ransomware attacks, showing how cybersecurity breaches are as pressing as national emergencies and crises. The National Cyber Security Centre’s (NCSC) annual review found this year that the country was hit by 17 ransomware incidents that were so impactful they “require a nationally coordinated response”. That extends to the financial services sector, which saw an increase of ransomware attacks with 55% of organisations hit in 2021.

Where does this leave the sector and how can artificial intelligence and machine learning be instrumental in understanding the risks companies face against future ransomware attacks?

Toby Butler

Company information is being stolen and sold to different threat groups, who prey on the individuals in that organisation who are more likely to pay them. The UK is one of the most cyber-attacked countries in the world and the Government has been criticised for being “ill-equipped” to deal with this exponential rise of fraud cases.

 

Ransomware-as-a-Service

Ransomware is one of the most common forms of cybercrime. Fighting it has become one of the biggest problems that organisations today face during their everyday operations. For instance, Malware (malicious software) encrypts the files of a single computer, then works its way through an entire network to reach the server and inflict maximum damage. Company information is being stolen and sold to different threat groups, who prey on the individuals in that organisation who are more likely to pay them.

When these attacks occur the victims, more often businesses, are left with minimal options. If they have substantial backup solutions already in place, they can attempt to restore the encrypted data to their servers. But if that data isn’t already secured elsewhere, they may need to pay a ransom to the criminals behind the attack. Thereby allowing the business to function once again and restoring their reputation. The cost of paying the ransom will feel considerably smaller compared to starting a business again from scratch. Sophos’ State of Ransomware in Financial Services 2022 report found that 52% of financial services organisations paid the ransom to restore their data, the average remediation cost in financial services was US$1.59M.

Cybersecurity Ventures estimates that ransomware is set to cost global businesses more than $256 billion by the end of 2031. By that token, organisations need to be extremely mindful of the potential threats they may face. Businesses need to understand the methodologies these hackers use, to address the weaknesses within their domain and take measures to isolate and prevent further ransomware attacks from happening again.

 

The rise of WAMs

According to a recent report by security firm CyberSixgill, 19% of the 3,612 cyberattacks that took place in 2021 were traced back to Wholesale Access Markets – or WAMs for short. WAMs are, in essence, underground internet flea markets. These markets are where aspiring attackers come to purchase network access from threat actors – the individual or entity involved in carrying out the cyber-attack. Types of threat actors include insiders, cybercriminals, rival organisations, or even nation states stealing data.

WAMs sell access to multiple compromised endpoints (or pathways) for around 10-20 dollars. Researchers found that WAMs listed access to approximately 4.3 million compromised endpoints in 2021, which include access to both provider and enterprise software (for example, an organisation’s Slack channel) up to 180 days before the attack itself took place. This shows how long these compromised endpoints remain undetected without proper internal analysis.

 

How can Financial Services stay ahead of the curve?

The use of Artificial Intelligence (AI) and machine learning is undisputed across modern businesses and sectors, and continues to revolutionise processes across the board. AI is a significant player in the financial services industry, building the ‘cyber-wall’ against nefarious users. It gives organisations optimal insights into reducing the likelihood of a ransomware attack in the future.

Namely, AI and machine learning collects and analyses vast amounts of messy (structured and unstructured) data from disparate sources. The challenge for the sector is to understand the volume and variety of the raw data collected from any source to build better protection in the future.

Structured information could be best understood as the clear data we see in a table. For example, the following attendees made a business meeting: first name – Joan, surname – Smith, age – 46. But unstructured information is information presented in a complex manner. For example, ‘there were five people who attended the business meeting, one of whom was forty-six and called Joan Smith’. Naturally, due to the complex nature of the prose, it would be more difficult for a machine to process that data into a digestible format for further risk analysis. This is where AI continues to prove invaluable.

AI uses natural language processing to understand the information provided on the web. As the software continues to evolve, natural language processing reads the information in a way a human would to extract the key information from the text. By incorporating AI and machine learning within an organisation’s IT infrastructure, companies operating within financial services can be better equipped to handle cybercrime.

These tools are flexible and adaptable, they can be configured to analyse different types of data from different sources to curate key insights. This collated information provides a better analysis of the organisation’s exposure, allowing them the opportunity to get upstream in preventing future attacks. This kind of approach is essential to processing listings on WAMs.

The power to analyse data to identify weakness is vital in the battle against cybercrime. It gives organisations a better understanding into what they could expect to see in the future. Hosting the correct data, and with the analytical skills, financial organisations can gain a better understanding of the methodologies and weaknesses in-house that attackers use and exploit to hold them to ransom. Organisations can then use this as a reference to pinpoint compromised endpoints, giving them a chance to reduce access before this route can be exploited and ruin their business.

With cybercrime and ransomware continuing to remain prevalent, it’s vital that financial services companies understand how they can get ahead of the curve and build a robust security platform within their IT infrastructure that can withstand an attack. In 2022, a ransomware attack occurred every 40 seconds. The mindset for the sector needs to be one of when, not if.

Organisations need to be thinking about an attack now – before it’s happened. Pre-planning and preparing for the worst possible outcome from future threats and adversaries. The introduction of AI and machine learning in the fight against cybercrime is a must, and the sooner the industry gets behind in implementing AI, the safer it will be through the next decade.

 

 

Continue Reading

Magazine

Trending

Business3 hours ago

Shoring up defences to take advantage of the cloud

By Dave Waterson, CEO, SentryBay   The banking industry is embracing all the benefits that the cloud offers and slowly...

Business1 day ago

Ransomware chokes COBRA: How AI-powered data analysis can support financial services’ plight

By Toby Butler, Financial Crime Solutions Manager at Ripjar   Ransomware attacks are on the increase in the United Kingdom....

Banking1 day ago

How Banks Can Boost App Innovation, Speed and Compliance

Steve Barrett, Senior Vice President of International Operations, Delphix  As new finance and banking applications disrupt the market each day,...

Business1 day ago

SVEA BANK ACQUIRES AREX’S FINTECH OPERATION IN FINLAND

AREX Markets, the data-driven FinTech company that drives financing costs down for SMEs and enables them to get paid quicker, has...

News1 day ago

ICICI Lombard and AU Small Finance Bank announce Bancassurance tie-up

ICICI Lombard General Insurance, India’s leading private sector non-life insurance company, is entering into a Bancassurance tie-up with AU Small Finance Bank....

Finance1 day ago

Crypto’s tipping point

Chris George, Senior VP of Product at Somo argues that Crypto needs to improve its scalability to be taken seriously Cryptocurrencies are...

Business4 days ago

Why Procurement is key in delivering your ESG strategy

By Edward Cox, Principal at Efficio Consulting   Environmental, social, and governance (ESG) has shifted from a niche to a...

Finance4 days ago

Skedadle to change the game for advertising with Currencycloud partnership

Currencycloud, the experts simplifying business in a multi-currency world, has partnered with Scottish start-up app Skedadle to provide its users...

Finance4 days ago

How financial services organisations can harness the power of low-code/no-code

By Joman Kwong, Strategic Solutions Manager, Financial, at Laserfiche   The UK’s erratic economy, and its spiralling cost-of-living crisis, have...

Finance4 days ago

SaaScada Top Five Predictions for 2023

From BNPL for business, to sustainability and financial inclusion, 2023 is going to be a year of change as the...

Business6 days ago

Hidden channel costs: how to find and tackle them

By Mark Wass, Strategic Sales Director, UK and North EMEA at CloudBlue     Growth for businesses will always be a...

Finance6 days ago

Is your business ready for finance automation?

Mari-Frances Bentvelzen, Business Head and General Manager of Global SMB at SAP Concur   As managers continue to drive their...

Top 106 days ago

The power of a proactive customer service

By Delia Pedersoli, COO, MultiPay   2023 is shaping up to be another challenging period for B2C businesses. While the...

Business6 days ago

Automation nation: Liberating workers from desks, data entry and the doldrums

Gert-Jan Wijman, VP of EMEA at Celigo.   Just when businesses thought the tough times were over, even more challenges...

News6 days ago

Protean and Fino Payments Bank tie-up to expand PAN card issuance services in India

Fino Payments Bank has tied up with Protean eGov Technologies (formerly NSDL e-Governance Infrastructure Limited), a market leader in universal,...

Business7 days ago

What is the True Cost of SMS Phishing?

Gemma Staite, Threat Analytics Lead   Cybercriminals will recycle attack strategies for as long as they are effective. In Fraud...

Technology1 week ago

Digital Asset Management (DAM) To Transform Enterprise Brand Management

Alexander Rich, Co-founder and CEO – Desygner    Rapid digital transformation fuelled by the pandemic has undoubtedly proven beneficial to...

Finance1 week ago

Cost of living: How to identify vulnerable customers

Ellie Engley is account director at REaD Group   In the current climate, the cost of living crisis is a...

Banking1 week ago

Is traditional business banking the best option for SME finance squeezes?

Airto Vienola, CEO, AREX Markets  The pressures facing business and personal finances alike have been well documented. Stories are now starting...

Business1 week ago

Breaking down communications silos to streamline the customer experience

Dave Tidwell, Head of Technical Pre-sales, DigitalWell   The pandemic has, without doubt, moved the goalposts when it comes to...

Trending