Integrating Digital Transformation and Cybersecurity Transformation in Financial Services


Financial services institutions are now wading through the latest wave of operational changes, focused on customer centricity and streamlined core operations: digital transformation (DX). At a high level, DX can involve shifts in technologies and practices ranging from new third-party fintech interfaces and APIs, to changes in account opening and maintenance, to open banking and insurance, for commercial and retail customers alike.

Coincident with this digital transformation and openness, financial services organizations are recognizing a growing need for an integrated “cybersecurity transformation” that exhibits cyber resilience and addresses the increased cybersecurity risks that naturally accompany any major transformation. As Maria Allen states in the article “Opening Up to Open Banking” in the June BAI 2019 Banking’s Digital Transformation whitepaper:

“Security stands as a huge concern, as open banking significantly expands the risks of unauthorized access, cyberattacks, data breaches and fraud. Banks must endeavor to understand the security protocols of the third parties they do business with and ensure that their customers’ data is secure throughout a product’s lifecycle, both while in motion and at rest.”

Beyond industry regulations, best practices and standards frameworks suggest that highly targeted industries like financial services develop a comprehensive cybersecurity policy and incident response plan based on guiding, auditable principles. For example, the National Institute of Standards and Technology (NIST) Cybersecurity Framework defines five Core Functions: Identify, Protect, Detect, Respond, and Recover. Using these frameworks, organizations can properly isolate and protect key core functional systems (servers, storage, applications, and data) and institute accountability and processes to handle the modifications needed for the future.

Several software-based risk mitigation solutions exist to help meet these standards, some enhanced by artificial intelligence and machine learning. These include, but are not limited to: Threat Modelling, Intrusion Protection and Detection Systems (IPS & IDS), Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), Multi-Factor Authentication, and Security Information and Event Management (SIEM). These software-configured solutions focus on the authentication and monitoring of access to production systems, faux production “honeypots”, offline data-at-rest repositories such as cyber recovery data vaults, or sandboxes used to analyze, identify and report indicators of compromise.

However, there are also hardware-based solutions, such as data diodes, that can truly transform the cybersecurity of networks to meet the demands of increasingly open and exposed financial networks. When integrated with an incident response plan that includes cyber recovery, data diodes can keep a network segment, an isolated “dark-site” compute, or data enclave absolutely secure, without threat of exploit, while still allowing files, network and performance, diagnostics, and email to traverse where needed. In particular, the data recovery/cyber recovery data vault methodologies are a perfect fit for Owl’s data diode solutions and will be covered in some depth in a later post.

How are you meeting the cybersecurity demands of digital transformation?

Charlie Schick Healthcare Consultant
