This is an interview with Mark Weir, Regional Director – UK & Ireland at Fortinet. Fortinet is a global cybersecurity firm based in California.

How real is the threat of cyber-attacks to the financial services industry?

Weir: Financial services are about as big a target as the cybercriminal community has, if the pure amount of attacks in 2016 is anything to go by. Due to the sensitive nature of its data and the value it holds for the cybercriminal community, it will likely remain in the crosshairs moving into 2017 and beyond. As the attacks grow in both number and complexity, financial institutions will have to prepare to better detect and mitigate threats in order to protect their organisation.

What is the level of understanding of cyber risk in financial institutions?

Weir: Whilst financial institutions are generally quick to adopt new technologies, every large retail bank is still hamstrung by legacy infrastructure and applications. To address that, they need to start examining their technology from a base level. This means understanding which platforms are under threat and ensuring they are fully up to date with security patches. But that is just a first step. What banks need to ensure is that they build upon that initial perimeter defense and start putting a ring around key applications. It is web applications that have long been favourite targets of hackers because they have access to valuable information and they are relatively easy to exploit.

Is enough being done across the industry to protect against cyber-attacks?

Weir: Industry players, their partners, big players in other verticals and vendors; all of them have little pieces of the jigsaw making up the bigger picture of protection against cyber-attacks. Only by them all being more co-ordinated and collaborative will defense be on par with the levels of attacks. Cybercriminals are certainly very well-organised, well-funded and well-regimented. They also benefit from having more time to prepare their attacks than those defending, so a more co-operative partnership between sectors, where organisations share intelligence is key to counteracting the threats.

As cyber threats are continuously evolving, what can financial institutions do to stay ahead of the curve?

Weir: Cyber threats evolve continuously, much like a fashion collection. Last year, Distributed Denial of Service (DDOS) attacks were in vogue and financial institutions are scrambling to ensure applications are protected from a DDOS point of view and ensure that the perimeter is fully patched and up to date. This way they can mitigate financial loss resulting from customers being unable to access their accounts and make online transactions.

And yet this can’t be done at the expense of more granular layers of application level security. Even if a hacker gets through those perimeter layers, there must be protection at the application level, for services such as checking your balance on a banking application. Cybercriminals can be hiding malware at this level, behind what would appear to most people to be legitimate requests.

It’s important to ensure a fully comprehensive response, as cybercriminals will already be working on the next big thing to attack your organisation.

What should the role of regulation be in ensuring that the FS industry is cyber resilient?

Weir: Banking is heavily regulated, and rightly so, but sometimes banks can wrongly go down the path of simply trying to meet compliance. That can all too easily become a minimum standard for security. It becomes a tick-box exercise. But the issue is, it may or may not be what is actually required for a particular application. Banks need to go on a security journey that is not only cost-effective and helps them towards compliance goals, but this journey first and foremost needs to be pragmatic. Cyber threats change on an hourly basis and cybercriminals are a moving target. Meeting the minimum standards of compliance can only go so far in helping financial institutions combat them. 

In the past few years, we have seen increasing levels of collaboration between large financial institutions and fintechs. What security considerations should banks and insurers have in mind when looking to work with fintech start-ups?

Weir: Large financial institutions are always looking at new ways of fixing problems and fintech start-ups can provide innovative solutions to these issues. However, security forms part of a bigger business consideration which needs to be made when collaborating with a start-up. The future for that particular organisation needs to be considered heavily. A financial institution may build a strategy based on a particular start-up’s technology but you need to make sure they’ll still be in business for years to come. Is there a likelihood of them going bust?

Another consideration is their global footprint. There may be some areas of the globe you may not want to work and do business. Do they have a footprint in the right geographic locations, and do they have security operation centres in the geographies you operate in? We should embrace new ideas and new technologies from new companies, but also consider the security implications.

What are the most exciting trends in cyber security sector?

Weir: Due to the sensitive nature and value of the data associated with it, the financial sector will undoubtedly remain a top target for cyber criminals in 2017. Whilst typically the finance industry has lagged behind other industries when it comes to moving data to the cloud, we expect to see more and more financial services institutions making the move. We have already seen some large banks and organisations making the move to public cloud providers such as Amazon Web Services (AWS) and Microsoft Azure. But they shouldn’t forget basic principles around the security of public clouds, and whether or not they have the ability to audit these services.

In 2017, we should also expect malware to get smarter. At the moment, malware can hide in a device or a network, but it is only programmed with a specific objective. A hacker simply points it at a target, and hopes that it will accomplish its goal. But now, threats are getting smarter and adapting to operate autonomously. We should expect malware designed with adaptive, success-based learning to improve the success and efficacy of attacks. The new generation of malware will be situation-aware, meaning that it will understand its environment and make calculated decisions based on this. Such as evading detection, choosing methods of attack and identifying targets.

How do you think the tech landscape will have changed in 5 years’ time: will the FS sector be more cyber resilient?

Weir: The FS sector is gradually starting to move towards the cloud to deliver the best customer service they can. Some organisations are moving entire systems and platforms to the cloud whilst others are opting for a hybrid approach. In five years’ time, I expect that a large majority of organisations will be operating in the cloud. With this increased migration, security is imperative, and with it comes many more factors to be considered when selecting a cloud security vendor. Data security, scalability, visibility and control as well as openness are necessities to be kept in mind in order to protect data, and mitigate reputational damage which can be devastating for any FS institution.

However, it’s important to note that the threat landscape from the last two years is unrecognisable now, and predicting the next big innovations in tech is impossible. In the cyber security industry, the fast-paced environment means that 5 years is equivalent to 20 years in any other industry! We will be more cyber resilient if we find better ways to communicate with other organisations and sectors and put data security at the heart of this.

If you could give one piece of advice to a financial institution on its cyber security strategy, what would it be?

Weir: For all financial institutions, every application and the data held within it is important, but it’s up to them to understand and prioritise what is important to customers. The trust financial institutions have with customers is critical to preserve brand loyalty and their reputation in the industry. They should build a security strategy around that trust, and the data held within their organisation.

If they don’t have an understanding of this, they need a plan to get there. In order to make this plan, organisations should pull together key stakeholders in the business, not just from IT and security but from all lines of the business. If the IT function acts in silo, without insight from other departments, this can lead to making an application which is unsuitable for particular use cases. This is why Line of Business representatives across departments need to be present in security workshops in order to create a high level plan which all stakeholders can buy in to. This is a problem which is particularly faced by financial institutions, the larger the business the more difficult it is to have these kinds of meetings to ensure that everybody is on the same page when it comes to cyber security.

On June 7th, Finovate hosted the “Personalising Financial Services in a Customer-Centric World” webinar. On the panel was Julius Abensur, Head of Industry Finance, Relay42, Simon Bloom, Director of Commercial Operations, Relay42, and Katelin Cwieka, AVP Social Media & Brand Communications Manager, Avidia Bank.

Listen to this lively discussion about the role that data, effectively leveraged, can play in designing and delivering financial services that are truly customer-centric. Understand how to create a single 360 customer view and how to enhance the customer journey and deliver personalized and relevant messages to your customers. Empower the ability to automate and orchestrate your activities – reduce key KPI’s like cost per acquisition by 50%.

We had insights from both a provider of data management services, Relay42 as well as from a financial institution, Avidia Bank that is on the front line of creating best-in-class financial services products for its customers.

“92% of marketers are confident their business is preparing for GDPR. Only 4% realise they’re responsible.”

This exclusive report explores how marketers need to move now, to turn data protection, into a real business opportunity: form.relay42.com

This article was first published on FinTech Futures on April 18th 2017.

Liz Maguire, Head of Digital & Transformation at ANZ reveals the secret to her success within fintech and #WomenInTech.

How did you start your career?

I started in a bank graduate programme straight out of university in a frontline role. I’ve since worked in lots of different departments and roles across several companies and time zones. I’ve held leadership roles in products, marketing, business support and channel management, and now lead a fantastic Digital and Transformation function at New Zealand’s largest (and best!) bank.  

What sparked your interest in fintech?

I’ve always worked in areas which are trying to do things differently and better – and this has really motivated me.

The Digital and Transformation area is a perfect fit for me – we’re part of an industry which is evolving around us and we’re using digital tools to drive the evolution.

I also love the people aspect of it. It all comes down to human behaviour – everything we do starts with people. We don’t just think up cool digital stuff and then try and get people to use it. We study the way people think, behave, work and live and design digital banking functions to make their lives easier – and that’s pretty satisfying.

What was your lightbulb moment?

I have lightbulb moments all the time – doesn’t everyone? For example, I had a real lightbulb moment about the so-called ‘disruptive FinTech companies’. The whole fintech industry is often positioned in quite a negative light for banks, but I think this ignores the fact that banks have a huge track record of digital transformation already.  There are fantastic examples of fintech enablers – those which help banks be better at a particular aspect of what they do. I see enormous opportunity in this.

What inspires you?

People with growth mind sets inspire me – those people who have the ability to take 1 plus 1 and create 3. I have tremendous respect for people who have overcome large obstacles to achieve their goals.

Also, on a daily basis I’m inspired by great customer experiences – whether that’s a story about how one of our bankers or digital tools have impressed a customer, or an experience I’ve had with a company that has blown me away.

Why is the #WomenInTech movement important?

It’s bringing together two important things. Women are half of the population and so we need to address the disparity in the industry. And it’s such an important industry – it’s a crucial part of society and the way we all progress. We need to get as many diverse brains as possible working on the opportunities that exist out there for technology.

What piece of advice would you give women starting their careers in FinTech?

As a whole, society has come a long way in the gender equality stakes. But we’re definitely not there yet, especially in this industry. I think it’s important to ensure young women are supported and can learn from the examples of others. This might be simple things like learning to speak up in meetings, how to ask for help and how to be more visible.

Throughout the year we will be profiling women in fintech, not simply to celebrate their success but also to hear what has worked for them during the course of their careers. Click here to read more inspirational stories from fintech’s leading women >>

This article was first published on FinTech Futures. Françoise Lamotte, SVP, Head of Direct and Digital, MetLife EMEA, tells us about her path to becoming a distinguished leader within the FinTech industry and gives some invaluable advice for companies and women aiming to give rise to Women in Tech. Lamotte is on the Advisory Board for InsurTech Rising 2017, the leading InsurTech showcase for the future of insurance.

How did you start your career?

I started my career 25 years ago in Japan – I was absolutely fascinated by the country after spending 18 months there as a scholar funded by the Japanese government. At that time there was no internet, no mobile or smart phones; it sounds like pre-history!

What sparked your interest in FinTech?

In 2007, I became the first chief digital officer of AXA group. I realized the tremendous challenge for a large multinational company to digitally transform itself and bring innovation to the forefront. Large companies have assets like brand, customers, data, capital, but often lack the agility and the willingness to experiment. Fintech is the primary stimulus for more customer centricity. More importantly, smart partnering with startups is, for me, the best way to prepare the future when you are a large incumbent.

What was your lightbulb moment?

I had the opportunity to work at a very successful start-up of the sharing economy and experienced how company culture is critical for success: sharing the same vision, strong values, leadership and transparency, customer focus – these are key ingredients that need to be seeded from the very beginning to ensure success and growth.

What inspires you?

I am inspired by courage and determination – a mix of “anything is possible” and “I can do it”.

Why is the #WomenInFinTech movement important?

Diversity in the workspace is very important. Organizations perform better when they are inclusive and when women are strongly represented at all levels. However, when you add “tech” to the equation, it seems it raises an additional barrier.  Right from the source, the pool of female talents is currently more limited – fewer female engineers, fewer female studying computer science, etc. The #WomeninTech movement will help inspire female students and young professionals to choose careers in that space and create an inclusive environment where they can thrive and succeed.

What piece of advice would you give women starting their careers in fintech?

Choose the right environment for you, meaning the project that inspires you and the colleagues and leaders who develop a great company culture. Get support and coaching from a mentor. Join Women’s network. Give visibility to your work and achievements – speak up, promote what you do, share your opinion, get on stage. Be brave and dare.. and you will succeed.

Throughout the year we will be profiling women in fintech, not simply to celebrate their success but also to hear what has worked for them during the course of their careers. Read more inspirational stories from fintech’s leading women >>

This article was first published on FinTech Futures on 22 March 2017. 

Throughout the year we will be profiling women in FinTech, not simply to celebrate their success but also to hear what has worked for them during the course of their careers. This week, Samina Rizwan, Enterprise Architect, Habib Bank Ltd tells us about her path into FinTech and how she has become a distinguished leader within the industry, making a positive impact in the financial services industry. In 2016, Samina was shortlisted for the Woman In Technology (W.I.T) Award with Banking Technology.

How did you start your career?

I started my career 1995, as a Computer Systems Engineer working for a PCB manufacturing company in San Jose. Being a professional engineer, I was excited about the challenges I used to face each day when I routed and designed multi-layered circuit boards in those days where technology was in its midway especially in a country like mine. Yet it was far from sight as to when that type of technology would become common and a career path for engineers in Pakistan. I then switched to the software technology soon after realizing these facts and proceeded with software development further growing into the project management regime and remained as a vendor for another eight years.

I joined the financial industry after 10 years of my career where I started working as customer rather than a vendor and that really change the way I thought about technology, as I was the end user of it. Being a banking technology person, the need of satisfying the bank’s customers became a pressing need of the day. I was engaged in the IT Portfolio Management at the bank working with internal and external customer and also turned the technology back end to offer more innovative financial products.

“I always believe in ‘change for good’.”

What sparked your interest in FinTech?

The Fintech Rise. As the financial world is shrinking and becoming more personal to customers based on their requirements, lifestyle trends, socio-economical changes around the globe has limited the financial institutions to cover the demand and supply cycle of all the customers at an equal and consistent level. Hence the rise of FinTechs gaining momentum and disrupting the financial industry by their financial inclusion in everyone’s life.

What was your lightbulb moment?

In developing countries like mine, the FinTechs have played a vital role along with other service providers like TELCO companies that are providing simple means of payment services to the unbanked masses.

This disruption created a phenomenal change in the financial institution including my previous and current organization to startup banking for the unbanked. This has not only brought in competition to the local market, but is also now becoming popular in the international markets. The African region is offering similar financial products to their customers using technology.

“Women have proven to be an important and critical part of the technology.”

What inspires you?

After having said all about FinTechs, financial institutions, we all remain human at the end of the day and being a human gives us the leverage to bring change on a faster pace, thus driving the technology owners to bring corresponding changes in their technology stacks. I always believe in “change for good” and so I follow the FinTech models to bring changes in the financial institutions while crafting business and IT strategies, bringing in new technologies to the bank, creating room for innovation and new ideas like digital banking.

“Women are far stronger than they think and can carry on another mile to reach the pinnacle of their professional lives and pick themselves up and move on…”

Why is the #WomenInFinTech movement important?

The other half of the world has always been a part of almost every industry, technology included. We, as females have been consistently assisting, creating, developing, researching, innovating, working by all means in all areas of science, technology and engineering at superior levels rather than mediocre levels. The current C-levels in most technology giants currently are “females” and I am really proud to be a woman too. Women, being patient in nature and having the great capability of multi-tasking, have proven to be an important and critical part of the technology.

What piece of advice would you give women starting their careers in FinTech?

I still consider that many women are still far away from being a mid-level and leading positions, and the main reason for such exclusion might be due to mid-career exits from their professional life and entering into domestic lives. It is also due to upbringing of children most of the time in our part of the world. But I would suggest that they are far stronger than they think and can carry on another mile to reach the pinnacle of their professional lives and pick themselves up and move on…