Davos Notes: Cybersecurity Must Keep Pace with Fintech Innovation

Greg Day


Category: Cybersecurity

In today’s digitally connected world, it seems many have an increasingly myopic view, as it’s all too easy to get caught up in what’s important to individuals instead of collective needs. As such it was very interesting to attend a CNBC debate session at the World Economic Forum Annual Meeting in Davos, entitled “2016: The Year Fintech Dominated Disruption”.

The concept seems an oxymoron: as technology evolution continues exponentially, I wonder what comes after domination?  One panelist commented that, whilst many consumers will experiment with new tech that includes financial transactions, the financial investment is typically trivial, and the reality is that consumers will come back to the organisations they have trusted for decades in which to invest their entire capital wealth.

At the same time, there was acceptance that retail technology transition had overtaken the financial organisations, so they are now pushing for innovation. This drove much of the broader discussion on where and how such innovation is driven. One bank highlighted that today they are working with over 70 different financial technology companies through the partnerships, joint ventures or acquisitions they have made. Whether these are evolutionary or transformational, I would speculate all of the above.

Financial regulation has always seemed to be a constraining factor to fintech innovation, from my perception, but it was highlighted that more regulators are now starting to support small sandbox environments to allow more dynamic application of new environments to test fintech concepts. It was very interesting to hear the debate, which effectively challenged innovation versus trust, and given this, it was surprising cybersecurity didn’t enter the discussion further.

On one hand, fintech looks for new methods to deliver old services via such tools as blockchain, which can provide a new architecture to allow greater transaction volumes to be processed and stored, with timestamped and linked data blocks for a permanent verification trail. On the other hand, fintech also creates the opportunity for far more complex transactional processes; indeed there were predictions that machine-to-machine transactions will someday outweigh the number of human-based financial transactions.

There is an old adage that you’re only as strong as your weakest link, so considering what, in finance, looks likely to become a transaction process with greater volume and complexity, the need to transform how we secure platforms, applications and processes is clear. Typically, security is applied at each level in isolation, creating fragmented, high-volume and partial indications that then rely on human analysis in order to validate whether there is a cyber incident.

All too often cybersecurity comes after innovation, and while fintech is undoubtedly disrupting how transactions occur and consumers are pushing banks to evolve, cybersecurity requirements are only going to become more complex. It’s important to start to connect and automate the cybersecurity capabilities across the payment ecosystem, in collaboration with banks and fintech providers, to create security-aware, integrated platforms that are as automated as the transactions being processed. Only then can cybersecurity, and the required trust that goes with it, keep pace in this disruptive space.

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42


SUBSCRIBE TO RSS