Banks Must Embrace Innovation to Reduce Risk
In the ‘third wave’ of Fintech, financial services are working more closely with fintechs and using them to outsource parts of their value chain, such as payments. Although this collaboration can be hugely beneficial for banks and their customers, it does raise the question of how security will be affected.
The risk associated with cyber security breaches is significant. The average number of cyber attacks per business in the UK has increased by nearly a quarter this year and the estimated losses to cybercrime in the financial services industry range from a few hundred million to a trillion dollars every year. The recent WannaCry ransomware attacks were a huge and well-publicised wake up call for many organisations that were not adequately protected because they had not updated old systems. Fortunately, while some advances in technology may pose new risks, innovation can also be the answer to solving this security problem.
The Head of the Future Technologies division at the Bank of England, Will Lovell, claims that technological innovation could greatly reduce risk in financial services. According to him, due to the rapid maturing of cloud technologies, we are now approaching a point where adopting cloud services could be more secure for certain businesses than using their own systems. Although security is cited as the number one reason that many businesses are wary of adopting cloud, as Lovell says, there is evidence to suggest that it could be more secure. One report found that on-premises environment users and customers suffered more incidents, with an average of 61.4 attacks, than those in service provider environments, who suffered an average of 27.8.
While for many businesses the idea of keeping information on servers they do not physically own seems risky, it has been found that the physical location of data is far less important than the means of accessing it, regardless of whether it is kept on a server or a cloud-based system. Therefore, more security efforts should be focused on who can access what information and how, with measures such as two-factor authentication and possibly, in the future, biometrics. People who build cloud-based platforms also typically focus more on security than those who build systems that will exist behind firewalls, reducing the likelihood of successful cyber attacks.
Many experiments are also underway on AI, blockchain, and predictive data analytics to secure banking data and reduce operational risk. The sheer amount of data that financial services have to manage, monitor and protect is one of their biggest challenges and sophisticated data analytics can help to ensure its quality and security.
Encouraging technological innovation in cyber security is also a priority for the government. The Government Communications Headquarters are now working alongside startups and sharing their expertise to help fight cyber crime. The government is also supporting greater innovation in cyber security by funding cyber innovation centres to support startups working on new technologies specifically designed to keep banking and data systems safe.
Some businesses may consider adopting new technologies such as cloud to be risky because of a perceived loss of control, but lagging behind technologically could potentially be more dangerous. The operational risks associated with maintaining old legacy systems could soon become greater than the possible risks posed by new technologies. Cyber security needs to be given higher priority and leveraging new technologies to reduce all kinds of risk will be key.