It used to be widely imagined that fintechs were attackers, lined up in opposition to incumbent financial institutions. Some are, but it is more realistic to think of fintechs and longer standing financial institutions as part of a larger combined ecosystem, with many fintechs providing services to financial institutions rather than competing for business. As a result, security is not a source of competitive advantage but rather a common goal ... as described in this initiative from the WEF. This way of thinking needs to be fully reflected in the enterprise security strategy and operating model of major financial institutions, and rolled out into their third party risk management approaches.
| less than a minute read
Creating a secure ecosystem in financial services
Cyber risk is pervasive, systemic and global in scope. In the financial services industry, it is increasingly difficult to mitigate this risk, since the modularization of financial services interlinks organizations whose cybersecurity maturity levels vary greatly. It is therefore difficult for any one firm to understand how an attacker might move laterally across a supply chain. Given that interests and priorities diverge among actors, a sector-wide baseline for cybersecurity is necessary to ensure the integrity of the global financial system. A vital step in establishing this baseline is for financial technology (FinTech) companies to uphold their obligations to system resilience. FinTech companies must protect themselves and their customers in a measurable and demonstrable way, but they are often faced with fragmented regulations and finite resources and operate in a market where skilled expertise is in short supply.
Businesses have long had to cope with the impact of business cycles. Now they must address not just cycles but cyclones. In our findings...