Five factors to impact fintech cybersecurity in 2020
Peter Carlisle, Vice President at nCipher Security, shares five predictions that will impact and force the fintech space to re-evaluate and improve their cybersecurity in the new year – including a decreasing hype around blockchain, the impact of IoT device vulnerabilities and an increase in multi-cloud environments.
Finding that sweet spot between ‘too little’ and ‘too much’ security
In 2020 cybersecurity will inevitably become a global priority due to a rise in threats and a heightened sense of vulnerability when it comes to unauthorised access to confidential data. As criminals become more organised, they will continue to take advantage of human error and the struggle businesses face in trying to find a balance between ‘just enough’ and ‘too much’ security to commit attacks. In this context, and in order to best protect themselves in the new year, enterprises must take action and improve their systems to avoid being compromised – especially those involved in financial services as they manage vast amounts of sensitive information. The following five predictions provide focus on where improvements can be made and what must be considered to reinforce security systems:
Increase in multi-cloud and multi-deployment environments to protect data: There will be more of a focus on technologies that cater to on-premises, private, and public cloud environments. We can attribute this to the ‘boomerang effect’. Just a couple years ago many organizations were planning to go 100% public cloud and, in some cases, moved a number of their applications there. However, many others discovered that in some instances the public cloud did not meet their needs – due to security issues, having to re-write applications, etc. – so the apps “boomeranged” back on-premises. Having undergone this process, organizations are now increasingly choosing to embrace multi-cloud, multi-deployment environments. They’re deploying applications because they offer the best technology, and because they’re secure – regardless of whether or not they’re on-premises or in the cloud.
Rise in business applications that mimic cloud environments: Even if they technically don’t fall under the public cloud umbrella, organizations will build infrastructures and architect in a way that allows them to stretch and expand applications and turn on and turn off workloads. These environments will look strikingly similar to the public cloud but will be built on-premise or in a “private cloud”.
Increasing impact of IoT device vulnerabilities: Enterprises will struggle to effectively prioritize IoT security mechanisms in accordance with their threat environment due to lack of up-front involvement of security teams in IoT projects, and not having an IoT architect in place. According to the 2019 Global PKI and IoT Trends Study by nCipher Security and the Ponemon Institute, despite IoT being one of the fastest growing trends in technology today enterprises are leaving themselves vulnerable to dangerous cyberattacks by failing to prioritize PKI (Public Key Infrastructure) security. This research also revealed that the two biggest concerns IT professionals have when it comes to IoT security threats are an unauthorised third party altering the function of their devices through malware or other attacks (68%) and being able to control the device remotely (54%). Despite a growing number of options for PKI deployment (cloud, managed and hosted), internal corporate Certificate Authorities (CAs) remain the most popular and have grown 19% over the past five years to 63% – with 80% of financial services organisations favouring this option.
AI tools will help analyse and make sense of data collected with IoT devices: In 2020 we will see the first wave of leaders in the ‘AI for IoT’ space. However, cyber criminals will also leverage artificial intelligence (AI) and machine learning (ML) to find exploits on systems which will lead to prolific and public data security breaches. AI and ML are powerful tools for data crunching and therefore we should expect to see the development of exploit tools that are based on these. We also know that both systems can be defeated or biased to give anomalous results. Additionally, most of the data being used for AI and ML is not normally under the control of a single body. There are multiple sources and owners, so preserving the integrity of data used to train intelligent systems is not an easy problem to solve and attackers can easily exploit this loophole.
- Forget cybersecurity, it’s “hardsec” that will reinvent banking
- Cyber Security and Fraud Prevention Tips For Black Friday & Cyber Monday
- Cryptoassets have been a fraud magnet – but the picture is looking much better
- Read the latest edition of FinTech Magazine, here
Decreasing hype around blockchain technology: In 2020 both consumers and businesses will come to understand blockchain is not a financial panacea. However, keeping this technology secure still entails relying on security best practices, which include secure key management and correct use of cryptography. Concurrently, we will begin to see a focus on quality over quantity – blockchain applications will become more meaningful due to a better understanding of the limitations of the system and where real benefits may be derived.
Organisations need security and privacy controls but must also be mindful as to not drive consumers away. In 2020 the challenge will still be finding that sweet spot between ‘too little’ and ‘too much’ security, and those that are on the lesser side will find themselves at great risk of suffering attacks.
About Peter Carlisle
Peter has over 25 years’ experience in the technology industry including significant periods at Dell, Compaq, HP and Thales eSecurity. For the last ten years he has been focused on the cybersecurity marketplace, helping businesses to protect their valuable data. He understands the commercial benefits of a strong security posture and knows how to engage the market with a strong value proposition. From his extensive travel around the globe he has developed a knowledge of many diverse markets as well as an understanding of customers' real issues and getting to grips with the differences between the local versus the universal.
For more information on all topics for FinTech, please take a look at the latest edition of FinTech magazine.
AI and the future of global trade
Artificial intelligence (AI) is becoming entrenched in our daily lives, but the technology is still surrounded by misconceptions and skepticism. Ask the public and they may jump to dystopian scenarios where robots have taken over the world.
While this makes for a good sci-fi blockbuster plot, the reality is different and more benign. Those products that Amazon suggested you buy? AI. That TV series you were recommended to watch on Netflix? AI. That self-driving Tesla car you crave to take for a spin? You guessed it: AI.
There is no single industry that is not being re-shaped by technology. Until recently, however, there was one noteworthy exception: global trade. Fortunately, that is slowly changing.
The mechanism that underpins global trade – trade finance – is an industry that remains largely paper-based and reliant on manual processes. This US$18tn a year industry is now being influenced by a new wave of technological innovation, including AI.
Exploring the potential of AI in Trade Finance
AI refers to the use of computer-aided systems to help people make decisions or make decisions for them. It relies on large volumes of data and models to make sense of information and draw intelligence.
In trade finance, AI is helpful in analysing quantitative data, and the repetitive nature of trade finance means that there is a lot of non-traditional data at our disposal.
This means that when trade finance providers need to assess the risks of funding a transaction, AI models can be a very efficient tool for data analysis and reveal intelligence and risks relating to small companies.
AI helps the industry move beyond traditional credit scoring processes, which are often outdated and remain reliant on historical accounting entries – a barrier that prevents small companies from accessing trade finance and has resulted in a $1.5tn global shortfall.
Overcoming the barriers
AI can tackle this shortfall by creating accurate credit scoring models. This can include a company’s payment history, measure the risks of funding a transaction, identify supply chain risks, and benchmark them against their peer group.
Trade finance providers can use this information to communicate effectively with their SME clients, ultimately helping establish better business relationships.
Towards a technological utopia?
The adoption of AI has the potential to do a lot of good in the industry, and the industry is in the early stages of radical transformation.
Advances are driven by fintechs as well as a willingness to change. The industry is working together to create new infrastructure for distributing trade finance assets to other investors in a transparent, standardised format.
The creation of infrastructure is possible due to improvements in technology and integrated across the trade ecosystem in cooperation with banks, insurers, and other industry participants.
It’s collaboration at its best: together, the industry is using technology to re-shape global trade as we know it.