Connect with us

Business

“Why cyber resilience is the banking sector’s top priority?”

Published

on

THE IMPORTANCE OF CYBERSECURITY AND HOW TO MEASURE IT

The financial sector has always been a top target for cyber criminals. But as adversaries grow more organised and sophisticated, how severe are the risks, and how can organisations stay ahead of bad actors?

We asked Raghu Nandakumara, Head of Industry Solutions at Illumio, how the financial sector can build resilience against the ever-growing threat of cyberattacks.

 

How vulnerable is the financial sector to cyber threats right now?

The critical nature of the financial sector makes it very vulnerable to widespread digital threats.  Financial institutions collect colossal amounts of data, from personal information to credit card details, national insurance numbers, investment details, loan information and more. They are essentially trusted with our entire digital identities.

Now, alongside attacks seeking to steal personal data or access accounts, the sector is increasingly under siege from ransomware. Last year, the industry accounted for 6 per cent of the top ransomware attacks and attacks targeting financial organisations have nearly tripled in 2022.

Raghu Nandakumara

Attackers are also continuing to leverage double extortion approaches, combining data encryption to impact to operations with threats to leak or sell sensitive data. This creates more pressure on organisations to pay the ransom. According to reports, the financial sector has paid an average of $1.59M in ransom, higher than the global average of $1.4M.

Finally, institutes like banks are incredibly vulnerable to losses in productivity or operational downtime. Even the smallest disruption can have a huge impact on the business or the larger supply chain, since almost every individual and business are constantly reliant on banking services.

 

Why is cyber resilience so important for the financial sector?

Cyber resilience defines an organisation’s ability to detect, respond to, recover, and protect itself from cyberattacks. On a more granular level, developing cyber resilience means an organisation can remain operational, even in the event of an active attack. It’s not just the practice of stopping attackers from breaching your system, but rather fortifying them so they can still function, even when facing a breach.

Cyber resilience is critical for the financial sector because these organisations are the backbone of our economy and societies. If a banking organisation is unable to facilitate financial transactions, it will disrupt the wider marketplace for liquidity and assets. The disruption of financial services means a part of society’s capital flow will be completely halted.

Also, as we increasingly rely on digital and cashless transactions, disruption to such services can have crippling consequences. That’s why financial services rank as critical national infrastructure (CNI) alongside power and water.

 

How can financial firms strengthen their cyber resilience?

Achieving cyber resilience starts with visibility. Financial organisations often have a complex network infrastructure, comprised of many endpoints, interconnected systems and hybrid IT. This makes it hard for security teams to maintain visibility of their entire estate. But if you can’t see the risks, how can you defend against them?

To achieve visibility, organisations need to develop a clear picture of how their applications and workloads are communicating with each other. Then, they need to identify their most high-value assets and resources and define who has access to them. Not every employee within the company needs access to high-value assets. Limiting access to these resources to only a handful of individuals can prevent access privilege abuse and mitigate damage from a compromised account or endpoint.

Moreover, organisations must extend defences to every endpoint, cloud, or data centre resource connected to the network. This includes every mobile banking app, investment app, devices used by remote employees, and all third-party endpoints. Just protecting the core enterprise network alone is no longer enough.

Our research found that 74% of organisations expect Endpoint Detection and Response (EDR) to block or detect all malicious activity, yet most organisations still get breached. So, it’s clear that detection tools alone can no longer provide the protection needed against modern threats. Having visibility of all network traffic is critical. Effective monitoring frameworks must be in place to visualise endpoint traffic for every user or device that is accessing the network, supported by a Zero Trust strategy that always ‘assumes breach’.

 

Why is it essential to ‘assume breach’? And how can financial firms put the practice into action?

Assume breach is the approach of presuming that attacks and intrusions are inevitable and arranging the network’s defences to mitigate the impact. So, when a breach does occur, the network can automatically isolate adversaries before they traverse through different systems and inflict serious damage. With most attacks initiated and escalated through compromise or misuse of privileged accounts, an ‘assume breach’ mentality is critical, serving to shift defence strategies from a passive to an active framework.

Employing Zero Trust Segmentation (ZTS) is one of the most effective methods for making the assume breach model a reality. This Zero Trust technology is designed to divide an enterprise network, data centre, cloud environment or endpoint estate into multiple segments or subnets. Each segment has its own access and authentication policies, where user identities, devices, and network configurations must be validated every time a user requests access.

You can think of ZTS like a hotel. The hotel entrance is the perimeter and if someone gets into the hotel lobby (bypassing firewall defences) they don’t automatically have access to rooms. Guests have their own unique key cards with access to only the floors and room they need. So, if you are meant to check out at 11am and you try to access your room at 11:30 am, your access will be denied, and you will need to go to the front desk and get re-verified. ZTS functions in the same way, ensuring the division of endpoints, clouds and data centres into segments to protect them from potential threats.

It can also automatically block unauthorised movement across hybrid IT. For example, even if an attack compromises or reaches one device, the threat is contained to that single endpoint, preventing the spread of the breach across the organisation and limiting its impact. So, even if one part of the organisation falls victim to a breach, the bulk of business can continue as usual. That is true resilience and how financial firms can stay one step ahead of the attackers.

Financial organisations will continue to be targets of ransomware and other sophisticated threats. Cyber criminals follow the money and will always evolve their tactics to meet their aims. By putting in place proactive security measures, such as ZTS, coupled with an ‘assume breach’ mentality the financial sector can build resilience, and ensure critical systems remain operational and sensitive data protected, regardless of what threats come its way.

Business

Financial Services Makes Gains In Employee Engagement

Published

on

By Phil Chambers, GM Workday Peakon Employee Voice 

 

A new report shows that the financial services industry improved in almost all elements of employee engagement last year. Can such momentum be sustained?

After more than two years of change, one thing is certain: keeping workers engaged has become more challenging – and more urgent. Record numbers of workers have left their jobs in the UK. And, as turnover has increased, employee engagement – people’s mental and emotional investment in their work and workplace – has been tested. In today’s climate, engagement isn’t a nice-to-have; it’s a business imperative – especially as companies with engaged employees are known to reap benefits including higher productivity, customer satisfaction, and profitability.

The financial services industry hasn’t been immune from the so-called Great Reshuffle. But, according to Workday’s latest State of Engagement Report, it did make measurable gains in employee engagement during 2021. Of the 17 industries analysed, financial services’ engagement ranking jumped from ninth to fifth place.

The report analysed nearly 9 million employee responses from almost 2.5 million employees throughout 2021. It compared the engagement scores given by employees working in different industries over the 12-month period, as well as scores for the 14 drivers of engagement – including autonomy, goal setting, meaningful work, reward, and recognition.

Organisations in the financial services industry have been considered less   quick to evolve than others. PwC recently characterised insurance companies, for instance, as “traditionally risk-averse and slow to change”. But, as the report shows, financial services clearly made some improvements. It is noteworthy given the enduring pandemic-related economic turbulence of 2021 – and the fact that during that time global engagement scores overall slightly declined.

 

Where The Financial Services Industry Improved in Employee Engagement

Remarkably, the financial services industry saw increased rankings and scores in all but one of the 14 engagement drivers that the State of Engagement report measures.

Of all 17 industries analysed, financial services took top place for goal setting by the end of 2021 (up from sixth at the start of the year) and landed among the top three sectors for strategy and recognition too. These strong results indicate the industry provided clear direction to its people at both individual and organisational levels, and appropriately recognised employees when they met their goals.

The improvement in the industry’s overall engagement, however, was driven largely by a sizable increase in its environment driver score in 2021, suggesting that a significant number of employees responded positively to having more freedom around where they worked during the pandemic. Before the pandemic, it was unusual for financial services firms to offer flexible options at all. But, in 2021, more than ever before, many firms’ employees were working remotely or enjoying a hybrid of both remote and in-office work – as and when offices started to re-open. This unprecedented choice in where, how, and when they worked was appreciated, as the report indicates, by many workers in the sector.

 

Where There’s Room For Improvement

As the report found, many employees feel the amount of work they have is increasingly unmanageable. Workload continues to be a pain point across all industries globally, with workload satisfaction scores dipping slightly in 2021. At the end of the year, financial services received its lowest engagement-driver score for workload and ranked 11th among the 17 industries analysed.

This indicates employees in the financial services industry found their workload less manageable as the year progressed, which is perhaps unsurprising when considering the pandemic’s ongoing toll in many parts of the world, and the fact that remote working can lead to ‘always-on’ work lives.

To help mitigate burnout risk and diminished engagement going forward, financial services leaders and managers will need to stay close to their employees in the months ahead to find out how they can best support them, whether that’s with additional resources, greater work flexibility, or updated benefits. By regularly staying abreast of people’s needs and taking the necessary action, organisations can spot potential problems before they lead to resignations.

 

What The Industry Should Avoid Going Forward

In recent months, we’ve seen some financial institutions try to take a “return to normal” approach, requesting their people go back to working onsite five days a week. But, as the report shows, this approach may not be the best one for everyone, particularly as the past two years have revealed that many employees appreciate and benefit from a greater degree of flexibility.

Of course, not all organisations will be able to provide hybrid or remote arrangements for all their people. But greater flexibility doesn’t necessarily have to mean working remotely. It could mean more flexible scheduling options, or a shift in working hours to enable a greater work-life balance.

Either way, to retain the engagement gains achieved in 2021, the financial services industry should resist the temptation to look back, and must instead take learnings from the past two years. Amid so much economic and societal change, and with employees continuing to shift jobs in record numbers, companies cannot simply go back to before, but need to continue moving forward, listening to the needs of their people, and leading with empathy.

Specifically, leaders and managers in financial services will need to stay closer than ever to employee feedback, going beyond listening and working fast to implement change accordingly.

For the industry to continue making positive gains in employee engagement, it will need to: consider how to retain a degree of flexibility – updating models to reflect evolving employee needs; continue to provide clear individual and organisational direction to those working remotely and on site; create and maintain more manageable workloads through prioritisation and automating repetitive tasks; and continue to reward and recognise employees for their hard work and achievements.

While great strides were made last year, it’s more important now than ever that leaders in the financial services industry determine and understand how employees are feeling so that organisations can explore and shape a future of work that works for everyone.

Continue Reading

Business

The FTX collapse: Lessons learnt for the CFO

Published

on

‘A complete absence of trustworthy financial information’ were the words used to describe the cause of cryptocurrency exchange FTX’s demise last week. Although an extreme example of incredibly poor risk and data management, it brings to light – yet again – the importance of getting financial planning right.

Following the collapse, the question on everybody’s lips has been – could this have been avoided? The answer is highly complex, however identifying, managing and mitigating internal and external risks should be at the top of senior leadership’s priority list – simple. The teachings here for CFOs across all industries are rooted in risk management. It was a lack of planning from senior executives that caused the current crypto industry crisis and should be considered a wake-up call to senior leaders across a multitude of sectors.

We are entering an uncertain economic winter, and CFOs are facing risks previously unknown, which are going to be impossible to mitigate without valuable insight and suitable technology. In the rocky months ahead, operational ‘leaks’ or financial losses will not be limited to crypto companies resisting the lasting effects of FTX’s collapse. If businesses across all sectors are to survive one of the most complex economic environments in recent times, CFOs will need to ramp up their risk management.

Hartmut Wagner

A Deloitte survey of CFOs found that 63% believe recession will hit within the next year and are already dealing with the sharp rises in financing costs. Additionally, the International Monetary Fund (IMF) has forecasted that global growth will falter from 3.2% in 2022 to 2.7% in 2023 because of tightening financial conditions in most regions. Ultimately, the outlook is challenging enough without the prospect of avoidable risks that can be prevented with the right planning and processes.

 

Automate systems or sink

Recent Gartner data shows that under one-third of CFOs are confident that technology they have available to them can ensure future company success. But to survive the recession and thrive on the other side, technology will be key throughout the finance function.   The Great Resignation has also added urgency for CFOs to automate more business and financial processes. The labour shortage, which started in hospitality and airlines, has hit the financial sector and has created a skill gap that senior leaders are battling to fill. No one is immune, as even Deutsche Bank and Goldman Sachs are suffering ‘talent wars’ as they fight to attract and retain finance professionals.**

Additionally, CFOs are facing ‘quiet quitting’, another problem that translates to increased employee disengagement which has recently gone viral across social media. The trend, gaining traction across Europe, encourages workers to avoid going above and beyond their job description and is lowering productivity levels. Automating the finance function, for one, alleviates the pressure on stretched teams by adding a virtual ‘team member’ that can take over repetitive and time-consuming transactional processes. This can break the negative cycle of further resignations as remaining employees will have more time to focus on strategic decisions, offering them the chance to become true value creators. Removing these arduous manual tasks will also attract employees and give businesses the upper hand in the ongoing ‘talent war’.

Take processing invoices as an example. It’s a simple but time-consuming task that can often be derailed by human error. Intelligent software can create efficiencies by reducing the time to completion and eradicate costly mistakes. It can also help to combat issues associated with ‘quiet quitting’ as disengaged employees will have time to focus on the tasks that they find more stimulating.

 

Achieving well-rounded cash visibility

In this period of economic uncertainty, cash is no doubt king and having a rounded view of company finances is crucial. Staying on top of a business’s cash position is tricky and slow if balances are still being drawn by hand. It’s labour intensive, time-consuming and there’s risk of being blindsided by putting valuable time into non-strategic tasks.

Instead, technology that uses artificial intelligence (AI) can provide clarity on current and future cash balances and flows, meaning CFOs can anticipate potential cash flow concerns before they become a problem. Plus, the technology can provide actionable insights into the spending and cash flow trends of a company, and AI can forecast potential hurdles and scenarios ahead of a business in a way that people alone can’t. This means the CFO’s decision-making powers grow and deliver better risk management. For a job based on data, implementing technology like this should feel like a natural progression.

 

The future CFO, now

The recent FTX collapse – rooted in a lack of financial planning – only highlights further that humans, without the right technology solutions, cannot deal with the risk management complexities in the modern era. Interestingly, a Gartner Survey conducted this summer highlighted that 45% of CEOs and CFOs would cut digital investments only as a last resort in difficult economic times. Employees and technology were prioritised over investments in mergers and acquisitions, which highlights CFOs’ recognition of the success of technology in driving efficiencies and protecting margins.

Even within industries less volatile than crypto, the threat of collapse is on the mind of most CFOs as we enter a period of economic downturn. For some, the risk might seem less obvious and, therefore, it’s impossible to accurately mitigate against without the right tools. Consequently, over the coming months, it is technology what will set one CFO apart from the next.

Continue Reading

Magazine

Trending

Finance3 hours ago

The Importance of Experienced Customer Service Advisors in Finance

If there is one thing which can be said about the finance sector, it would be that as a customer-facing...

Business2 days ago

Financial Services Makes Gains In Employee Engagement

By Phil Chambers, GM Workday Peakon Employee Voice    A new report shows that the financial services industry improved in...

Business3 days ago

The FTX collapse: Lessons learnt for the CFO

‘A complete absence of trustworthy financial information’ were the words used to describe the cause of cryptocurrency exchange FTX’s demise...

Business3 days ago

Black Friday, Cyber Monday and beyond: The inevitable shift to mcommerce

Arunabh Madhur, Regional VP & Head Business EMEA at SHAREit Group   Last year, we saw explosive growth in Black...

Business3 days ago

Keeping your options open and flexible: How to manage cloud migration for Financial Services Organisations

By Rachel Mcelroy, Marketing Director at Cloud Gateway   Financial Services Organisations, such as banks, insurance firms, and accounting firms,...

Business3 days ago

What makes a good entrepreneur?

By Emma Lewis, Myriad Associates Ireland   Many of us have dreamed of coming up with the next big thing...

Finance3 days ago

Things To Think About Before Starting Your Cryptocurrency Investment Journey

Making the decision to start investing can be an exciting time. Knowing that you’re going to be taking a more...

Banking3 days ago

How banks can increase customer acquisition and user engagement with sustainability

By Karolina Szweda, Head of Growth Marketing at Connect Earth Young people are demanding more innovation from traditional financial institutions,...

Banking3 days ago

The new blueprint for Open Finance? – A look inside the new Saudi Open Banking Framework

Chris Michael, Co-Founder & CEO, Ozone API   It has been a genuine privilege for all of us at Ozone...

Business4 days ago

How intelligent AP automation can put construction businesses on solid ground for growth

Cody Manning, NORAM Chief Sales Officer at Yooz   The ability to access personal emails, utility bills, invoices and other...

Finance4 days ago

Unlocking the power of AP Automation to tackle payment fraud in an economic downturn

Daniel Ball, SVP Innovation at Medius   Fraudulent activity in the workplace is not stopping any time soon. According to...

Business5 days ago

Why building trust in the workplace should be an employer’s priority

Emma Price, Head of Customer Success of ActiveOps discusses why managers should focus on workforce trust to negotiate the management...

News5 days ago

Times International and SaaScada partner to deliver innovative trade and commerce financial solutions

Global trade is forecast to increase between 30% and 70% by 2030, with 80% relying on trade finance. With traditional...

Top 105 days ago

Top 5 Holiday Season Fraud Trends

By Doriel Abrahams, Head of US Analytics, Forter With International Fraud Awareness Week and the holiday shopping season officially underway,...

News5 days ago

3S Money partners with Crown Agents Bank to boost international trade

3S Money, the UK Fintech scaleup, has partnered with Crown Agents Bank to offer 33 new currencies to its corporate...

Business6 days ago

How Startups Can Use Digital Technology to Strengthen Their Businesses in the Face of a Recession

Gemma Dodd Brand Development and Marketing at Shift6 Studios   Startups are often lauded for their innovation, creativity, and willingness...

Business6 days ago

Planning for Power Outages: Why Business Continuity Matters More Than Ever

By Tom Cole, Managing Director, Abacus Group   Will the UK face power outages this winter? While mass blackouts are...

Finance6 days ago

WHAT TO CONSIDER WHEN CHOOSING THE RIGHT FINANCIAL PLANNER

By Buntu Bam, certified financial planner at Alexforbes As we journey through life – from our first jobs to marriage and...

News6 days ago

Leaders recognise the importance of green transport at COP27, but we need data

By Devin De Vries, CEO, WhereIsMyTransport   The COP27 summit, which recently wrapped up in the Egyptian resort city of...

Business6 days ago

3 critical tips to help SMB’S survive the ongoing inflation crisis

Ryan Demaray, SMB EMEA MD at SAP Concur UK   The past few years have been tough for small businesses,...

Trending