Five factors to impact fintech cybersecurity in 2020
Peter Carlisle, Vice President at nCipher Security, shares five predictions that will impact and force the fintech space to re-evaluate and improve their cybersecurity in the new year – including a decreasing hype around blockchain, the impact of IoT device vulnerabilities and an increase in multi-cloud environments.
Finding that sweet spot between ‘too little’ and ‘too much’ security
In 2020 cybersecurity will inevitably become a global priority due to a rise in threats and a heightened sense of vulnerability when it comes to unauthorised access to confidential data. As criminals become more organised, they will continue to take advantage of human error and the struggle businesses face in trying to find a balance between ‘just enough’ and ‘too much’ security to commit attacks. In this context, and in order to best protect themselves in the new year, enterprises must take action and improve their systems to avoid being compromised – especially those involved in financial services as they manage vast amounts of sensitive information. The following five predictions provide focus on where improvements can be made and what must be considered to reinforce security systems:
Increase in multi-cloud and multi-deployment environments to protect data: There will be more of a focus on technologies that cater to on-premises, private, and public cloud environments. We can attribute this to the ‘boomerang effect’. Just a couple years ago many organizations were planning to go 100% public cloud and, in some cases, moved a number of their applications there. However, many others discovered that in some instances the public cloud did not meet their needs – due to security issues, having to re-write applications, etc. – so the apps “boomeranged” back on-premises. Having undergone this process, organizations are now increasingly choosing to embrace multi-cloud, multi-deployment environments. They’re deploying applications because they offer the best technology, and because they’re secure – regardless of whether or not they’re on-premises or in the cloud.
Rise in business applications that mimic cloud environments: Even if they technically don’t fall under the public cloud umbrella, organizations will build infrastructures and architect in a way that allows them to stretch and expand applications and turn on and turn off workloads. These environments will look strikingly similar to the public cloud but will be built on-premise or in a “private cloud”.
Increasing impact of IoT device vulnerabilities: Enterprises will struggle to effectively prioritize IoT security mechanisms in accordance with their threat environment due to lack of up-front involvement of security teams in IoT projects, and not having an IoT architect in place. According to the 2019 Global PKI and IoT Trends Study by nCipher Security and the Ponemon Institute, despite IoT being one of the fastest growing trends in technology today enterprises are leaving themselves vulnerable to dangerous cyberattacks by failing to prioritize PKI (Public Key Infrastructure) security. This research also revealed that the two biggest concerns IT professionals have when it comes to IoT security threats are an unauthorised third party altering the function of their devices through malware or other attacks (68%) and being able to control the device remotely (54%). Despite a growing number of options for PKI deployment (cloud, managed and hosted), internal corporate Certificate Authorities (CAs) remain the most popular and have grown 19% over the past five years to 63% – with 80% of financial services organisations favouring this option.
AI tools will help analyse and make sense of data collected with IoT devices: In 2020 we will see the first wave of leaders in the ‘AI for IoT’ space. However, cyber criminals will also leverage artificial intelligence (AI) and machine learning (ML) to find exploits on systems which will lead to prolific and public data security breaches. AI and ML are powerful tools for data crunching and therefore we should expect to see the development of exploit tools that are based on these. We also know that both systems can be defeated or biased to give anomalous results. Additionally, most of the data being used for AI and ML is not normally under the control of a single body. There are multiple sources and owners, so preserving the integrity of data used to train intelligent systems is not an easy problem to solve and attackers can easily exploit this loophole.
- Forget cybersecurity, it’s “hardsec” that will reinvent banking
- Cyber Security and Fraud Prevention Tips For Black Friday & Cyber Monday
- Cryptoassets have been a fraud magnet – but the picture is looking much better
- Read the latest edition of FinTech Magazine, here
Decreasing hype around blockchain technology: In 2020 both consumers and businesses will come to understand blockchain is not a financial panacea. However, keeping this technology secure still entails relying on security best practices, which include secure key management and correct use of cryptography. Concurrently, we will begin to see a focus on quality over quantity – blockchain applications will become more meaningful due to a better understanding of the limitations of the system and where real benefits may be derived.
Organisations need security and privacy controls but must also be mindful as to not drive consumers away. In 2020 the challenge will still be finding that sweet spot between ‘too little’ and ‘too much’ security, and those that are on the lesser side will find themselves at great risk of suffering attacks.
About Peter Carlisle
Peter has over 25 years’ experience in the technology industry including significant periods at Dell, Compaq, HP and Thales eSecurity. For the last ten years he has been focused on the cybersecurity marketplace, helping businesses to protect their valuable data. He understands the commercial benefits of a strong security posture and knows how to engage the market with a strong value proposition. From his extensive travel around the globe he has developed a knowledge of many diverse markets as well as an understanding of customers' real issues and getting to grips with the differences between the local versus the universal.
For more information on all topics for FinTech, please take a look at the latest edition of FinTech magazine.
BME and BBF Fintech to stage sustainable finance hackathon
The first hackathon focused on the fintech and insurtech world at an international level, concentrating on sustainable finance, will be hosted in Bilbao.
The ‘Hack & Disrupt!’ event will take place on 25, 26 and 27 June, and is organised by BME and BBF Fintech. The event aims to bring together companies, entrepreneurs and startups to solve global technological challenges as a team.
The event, which is sponsored by BBK, Plaza Financiera Bilbao and SIX's startup accelerator, F10, wants to connect entrepreneurs and businesses to re-imagine finance and insurance through digitalisation. The challenges that participants will be facing are geared towards innovation and sustainable finance.
Due to the pandemic, the event will be held in a hybrid format, combining a face-to-face part, at the BBF Bilbao Berrikuntza Faktoria, and through a technological platform, which will feature different stands, chats and workrooms. The opening and closing ceremonies, as well as various panels related to the entrepreneurial world and the fintech and insurtech ecosystem, will be streamed from the platform.
What will happen at the event?
The opening will reflect on innovation in the securities markets and then afterwards there will be a panel discussion on sustainability. Challenges will be introduced on Friday evening, and the teams will start working on their resolution until Sunday 27th. Saturday 26th features presentations by several experts, including Berta Ares, General Manager of BME Inntech, and Manuel Ardanza, Chairman of the Bilbao stock exchange.
The winners, which will be announced on Sunday, will be eligible for three prizes: a prospection trip to Switzerland, where they will be able to get to know its fintech ecosystem in detail, the possibility of participating in the incubation Programme and in BBF Fintech’s II Open Innovation Programme, the public-private fintech incubator promoted by Bizkaia’s provincial council, Bilbao’s City Hall, the University of Mondragón and Dominion, as well as direct access to the final interview to participate in the F10 incubation and acceleration programme.
Javier Hernani, CEO of BME, believes that BME's presence at this event reaffirms the company's commitment to digitalisation, innovation and the promotion of SMEs and disruptive startups, which adds to other initiatives, such as the Pre-Market Environment. "Today's startups can be tomorrow's stock market blue chips," he stated. “We also reiterate our support for Bilbao as an innovative financial centre, where BME closely follows the entrepreneurial ecosystem”, he added.