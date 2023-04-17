Digital acceleration is essential for competing in today's financial marketplace, but it doesn't come without risks. The core priorities for financial institutions today are trust, security, and resilience. So, how can you balance digital transformation with risk to become Future Ready from a financial sector perspective?

In a new episode of Fortinet's 'Securing Your Digital Journey' presented in association with CNBC TV 18, the implications of cybersecurity on trust and resilience in financial organizations were discussed.

Moderated by Gautam Srinivasan, a discussion was held with speakers Dr. Sourav Dutta, Executive Director IT at IDBI Bank, Anuprita Daga, Chief Information Security Officer at Yes Bank, and Vishak Raman, Vice President of Sales for India SAARC and Southeast Asia at Fortinet, who shared their expertise on how security needs to be integrated into digitization efforts to ensure that innovation and transformation are carried out securely.

Digital transformation has rapidly accelerated for financial institutions, and with it comes the question of managing risks. When considering customer-centric initiatives and the launch of many new services and products, where should the security journey begin? Sharing his thoughts, Vishak said, ‘Look at security as a business enabler to reach out to your customers, offer new value propositions and services, and bring in more intelligent data and secure it properly. I see security as a foundation that enables your digital service creation, not something to be considered after a product or service is launched. It has to be designed from the ground up, and security should be a part of the design rather than something bolted on after launch.’

How can a Financial Services organisation lead and succeed in innovation without getting overwhelmed by risks that come with expansion and innovation, especially in a traditionally risk-averse industry? Sharing his thoughts, Dr Dutta said, "Banks are pillars of trust, and security has become an integral part of the banking industry. In the past, technologies like IPV4 were not designed with security in mind and had to be added later. Similarly, banks now rely on technology to conduct transactions and have become more like tech companies with a banking license. Going forward, it will be the information technology departments that lead the banking business. Therefore, security must be built into the system and overall architecture from day one. The bells and whistles can come later, but the minimum viable product must be secure."

Organisations today are under immense pressure to innovate while keeping risks in mind. But how can they effectively balance these competing priorities? According to Anuprita Daga, 'Everyone talks about security by design, but with the rapid evolution of technology, security itself is evolving at the same pace. What was once considered a technology problem, is now a business problem. To build customer trust, security must be embedded into every aspect of product or service development, including the technology behind it. A comprehensive security framework must consider people, processes, and technology, with real-time threat monitoring and reconciliation. End-to-end security stitching can significantly reduce threats to customer transactions. Security has become an integral part of corporate strategy in banking services’

Daga also emphasized the importance of trust in the financial industry and how it is essential to maintain it through proper security, resilience, and trust practices. With the constant evolution of technology, businesses must adopt new technology to stay agile, but at the same time, they must be quick in detecting threats and internal/external issues by using AI and automation. This approach requires building trust and resilience throughout the entire ecosystem.

When asked about his thoughts on what a successful future-ready bank should look like, Dr Dutta shared, "A future-ready bank should be customer-centric and provide an excellent experience. It should be fully digital with the advent of new technologies and central bank digital currency. This will be a game-changer, particularly for the retail sector. Additionally, conversational tools such as AI and chatbots will play an important role. With automation of services on the rise, it's imperative that security is robust."

In the world of financial institutions, traditional MPLS circuits are going out of style as application-aware networks take over, according to Vishak Raman. This convergence of security and wide-area networks is known as the Secure SD-WAN, and it's software-defined. But that's not all. With today's expanded networks, users, applications, and data are all important pillars that require consolidation and visibility. That's where the fabric approach comes in.

The fabric approach has four fundamental points that are critical for financial institutions. Firstly, an operational dashboard is needed across these pillars of assets. Secondly, threat intelligence needs to come in from outside and back into the fabric mesh. Thirdly, identity needs to be ensured so that the right user accesses the right application using the right device. Finally, policy enforcement needs to be consistent across cloud, endpoint, and application. This approach, with a zero-trust principle, provides better and complete security control.

In summary, the Secure SD-WAN, fabric approach, and zero-trust principle all work together to bring financial institutions a secure and consolidated network that provides visibility and consistency across all critical pillars.

Note:

This is a partnered post.