Security leaders need proven methodologies to secure safe flow of unstructured data, closest to where the data is accessed by users or applications.
By Ravi Srinivasan
The banking and financial services sector is often the bellwether for cybersecurity development and maturity while sometimes viewed as behind in digital and cloud technology adoption. This is because of the deep roots in legacy technologies and processes within these organizations. Most banks, regardless of size, can be overwhelmed by the demands to digitize more of the core banking, workforce and customer experiences and harness the insights from unstructured data to create business value while remaining diligent to comply with increasing data privacy and protection regulations. According to recent research by Fintech Futures, approximately 80 percent of banking data is unstructured. Changing workplace environments, mounting workloads, scrutiny by regulatory bodies and labor shortages have put the pressures on these institutions to digitize. And to do so quickly and securely.
As IT and security leaders in the banking and financial services sector, regardless of the position you are in, there are emerging cyber threats and on-going risks that need to be identified and addressed in digital processes. In this article, we will identify the most pressing cyber risks that need to be addressed by financial services organizations undergoing rapid digital process transformations.
1. Resilient cyber defense for a hybrid cloud reality
One of the key components of financial services digitization efforts is hybrid cloud adoption and migration. The traditional “defense-in-depth” approach to protect data and networks in the on-premise data-centers has to transition to a “zero trust” approach for hybrid cloud environments. Bad actors continue to persist and exploit weaknesses and blindspots that occur in these transitions. Some examples of common weaknesses are misconfigured data lakes like AWS S3 buckets, insecure cloud workloads and exposed APIs to third party providers, which offer unauthorized access and exposure to unstructured data.
Unstructured data, such as banking statements, earnings transcripts, loans processing and tax documents are now able to flow freely across multiple new channels, to/from untrusted sources and even unmanaged resources. It’s become fairly easy for bad actors to disguise malicious content as legitimate files that can infect core banking, cloud storage and other cloud-native applications. Security leaders need proven methodologies to secure safe flow of unstructured data, closest to where the data is accessed by users or the applications.
2. Safe data sharing with third parties and regulatory authorities
Financial services companies have been expanding data sharing initiatives to improve customer experience, facilitate collaboration amongst the industry and regulatory agencies and to glean insights to reduce impact of cyber risk to banking operations. Take the following example scenarios:
- Ingesting unstructured data into a core-banking platform from multiple regional banks to close the daily ledger without disruption
- Merging with regional banks and offering a single interface to access banking statements from multiple, disparate systems
- Establishing a common portal for collaboration with other institutions and sharing unstructured data that can help combat fraud
- Connecting with personal financial management and budgetary planning applications—such as Intuit’s Mint
- Working with data analytics providers to train AI models that can assist with identifying and predicting and responding to risks (unqualified loan applicants, potentially bad investment decisions etc.)
With unstructured data flowing freely in and out of numerous channels, and often stored shared data lakes, there are more opportunities for it to be maliciously intercepted and compromised. Regardless if your bank has a mature security posture, if one of your third parties has lax security and experiences an incident, it adversely impacts your institution or customer base. Security leaders need proven solutions to secure safe flow of unstructured data that will work with existing cloud, collaboration, and data management platforms.
3. Ensure data privacy and security in emerging digital process changes
Financial institutions are rapidly transforming long standing business processes with emerging technologies. They include back-office processes, such as loan and claims processing, modernizing workforce and customer facing applications, portals for collaborations and data sharing with third parties. For example, instead of bringing a copy of a loan application to the physical bank, customers upload it to a customer-facing portal and converse with an AI chatbot. This removes the need for a human to do repetitive tasks, but opens the door for potentially malicious content to reach the network along with increasing the data privacy and data exposure concerns.
While the emerging digital and AI technologies have the potential to unlock great value, they present near term security gaps or blindspots that the bad actors are eager to exploit for nefarious purposes. Any new security approaches must thus become an enabler to safely use these technologies with guardrails, but not introduce friction, such as block or quarantine.
4. Securing data real-time is essential for any rapid digital process transformation
One thing common in any digital process transformation is the need for free and safe flow of data. In this period of rapid transformation, more and more unstructured data is generated than ever before. And there are even more avenues for unstructured data to flow through and be stored in multiple platforms. The traditional cybersecurity strategies that we have relied on for decades are not sufficient in this expanded digital ecosystem. This is particularly troublesome for financial institutions because of the level of sensitive data they hold. The information they possess could give bad actors an open door to disrupt digital processes and wreak financial havoc. Financial institutions are also heavily regulated and subjected to stringent data protection policies. So, how can financial institutions digitize without risking compliance or a breach of client data?
Applying a real-time approach to data-first cybersecurity is the best place to start. Implementing content protection technologies in all of the avenues that data flows and is stored—consider corporate-owned and personal employee devices, browsers, portals, cloud-, collaboration, data-management platforms, API and application-to-application file transfers. This will require your enterprise and security architects to jointly assess the security posture in place and adopt real-time content security services that can keep pace with new digital avenues and increased volume of data and content.
Ravi Srinivasan is CEO of Votiro.