By Chris Pickles, Director, Picklesnet.
Risk is at the core of the financial services industry, and the ways it’s managed create a secure environment that can be relied on. In some cases, risk is a hindrance, but it can also create opportunities: managed appropriately, it can help create and grow business.
But how can a firm balance risk and security? On a basic level, it has to make sure that systems continue to work and protect data. It also needs to address changes within the industry, which security solutions have often failed to do in the past. As the sector has developed into a community where some members are both service providers and service users, the impacts of not getting that risk/security balance right spread quickly, just as in 2008 when the wrong decisions about risk of one organisation triggered the global economic crash.
Security in the financial sector needs to be approached with innovation. This is already beginning to happen: for example, Host-based Card Emulation is now used for payments, replacing hardware-based security devices with software-based functionality. Such innovation paves the way for further development: once functionality is converted to software, the next logical step is to use a cloud environment to reduce the cost and increase the speed of roll-out of new functionality. That also reduces the dependency on, and cost of, physical hardware. Being able to deliver and take advantage of new approaches to security is key to better risk management and business competitiveness.
Staying at the forefront of security technology is vital for the financial sector as the number of customers wanting to use off-net services continues to reduce. At the same time, the increase in the use of network services is increasing the size of the potential community that financial institutions can address.
Initiatives at government and regulatory level — such as the UK Government’s Identity Assurance Programme and the G-20 governments’ Global Legal Entity Identifier System — demonstrate how security can also be a business enabler. They aim to break down barriers that hinder business, reducing unnecessary risks and accelerating business reliability.
Security is not just about threats — it’s also about opportunities. The internet has shown us the importance to networked business of sharing and communities. Though attitudes to sharing are currently complex, more security solutions need to be shared to reach and serve larger communities. Being at the forefront of technology is no longer something that each financial institution has to achieve on its own and independently. A community-wide approach to security is more crucial to business success than ever before.
Chris Pickles is an independent consultant and has worked in the financial technology sector for 40 years on behalf of organisations including BT, Reuters, Deutsche Boerse and the UK Government. He specialises in interpreting the impact that financial regulations, industry initiatives and standards will have on business operations and IT within financial institutions around the world.
