Adam Vincent, CEO, ThreatConnect
Financial companies are increasingly embracing advanced technology to bolster their key services. Automated fund management has become a daily reality for many retail investors as advanced financial technology becomes miniaturised – companies like Nutmeg have built their business design on mobile-based automatic investment.
Even for larger, more traditional investment houses, essential market and risk analysis is shifting towards digital – as machine learning gets to be more advanced, software is increasingly capable of singing critical judgements that were previously the preserve of humans.
With that shift comes a heavy reliance on technology in frontline business as well as back-end processes. As such, the security of those applications is paramount. Banks and other financial institutions need to ensure they have full visibility of their systems and are able to detect potential threats for their customer-facing systems. A compromised investment app can lead to serious losses and, if the firm in question is influential enough, possess a significant impact on wider markets.
Security's weight problem
To additionally problem, the cyber security that guards those banks is often huge, unwieldy and poorly linked up. For many years, the young cybersecurity market continues to be about specialism: laser-focus companies designing highly-adapted solutions to solve a particular problem – malware, say, or phishing – as well as possible. That's all well and good meaning that each platform does the best job for its users, but with time it's led to a highly expensive and unwieldy situation for buyers and security analysts who have to assemble a defence from multiple vendors.
Think from it this way: imagine you need a new car. But instead of going to the local dealership and purchasing a shiny Ford, you need to ring up the door manufacturer and get them to bring you four doors. Then you definitely call the seat company, and they deliver five seats. The engine makers, the boot shapers, the hubcap painters. These craft a quality product, but you're playing an enormous bill and you still need to put the thing together and ensure it actually works.
That's essentially the problem facing large banks in the current culture. They purchase a firewall, an e-mail filter, a threat intelligence database, an antivirus software, and other things they need, and each of them does a great job – but overall, they're a burden to run. They don't talk to each other, with each having its own dashboard. Security analysts have to spend hours sifting through alerts to find the truly crucial issues, and energy is lost tending to individual systems.
That's the CISO's problem. As well as the CEO, there's a bigger issue – running multiple security systems is expensive. Really expensive. The more systems you have, the more highly-skilled staff you need, and they're few and far between. Where cybersecurity was once a classic back-office concern, like air conditioning or heating, it's now a central a part of strategy and a key pillar of both reputation and customer retention – financial legislation leaves no room to fail. Above all, though, at present, it's a cost centre.
Send an algorithm to execute a human's job
So how do financial institutions keep up with the benefits of digitisation whilst reducing the weight of security? In a word: orchestration. As cybersecurity has grown and developed, so has computer automation. Companies can now link their key systems together within single automated management tool (often referred to as a security orchestration, automation and response or SOAR platform) to reduce the weight on their staff. Orchestrating your security landscape essentially means integrating systems to ensure that their alerts and data flows are monitored through the SOAR, which then automatically resolves low-level alerts and flags up high-priority problems that need human review.
The upshot of this is that security resources may then be spent more profitably on strategic initiatives like system reviews and regulatory compliance. The CISO is satisfied because their security systems are preventing attacks and the team is more available for new projects, and the CEO is happy because costs could be streamlined by removing unnecessary admin tasks and slimming down software spend.
More importantly, an effectively orchestrated home security system can be easily amended to accommodate new elements of the organisation's digital landscape – meaning that financial organisations are freed as much as innovate in the age of PSD2 and open banking without fear that every new application will come with a six-figure security cost.
Digital banking is the future – there's no question about that. But financial organisations will have to change the way they approach security system management if they're to keep up with and support innovation. Orchestration is one way to lighten the load – without compromising on quality.