More and more businesses are starting to adopt cloud computing as a significant part of their business and digitalization strategy and the overall confidence in the public cloud has been growing rapidly. With greater flexibility and low capital investment requirements, the public cloud makes it easier for organizations to implement newer and more competitive computing tools, like mobile solutions and real-time data analysis.
We would like to share the views and experience from some industry experts joining the panel from Framtidsarenan earlier this year, covering “Cloud services in the financial sector – risk or opportunity?”
- Jonas Svanström, CISO, Skandia Nordic
- Erik Blomberg, CISO, Handelsbanken
- Henrik Allert, Vice President, Industry & Product Strategy at Itello
- Mikael Eriksson, CTO, Metafore
Even though the financial services industry is still in the early stages of moving to the cloud, most organizations do have a cloud strategy – usually a mix of on-premises, private, and public cloud infrastructure. However, uncertainty and doubt are still big concerns for financial organizations looking to make the move to the public cloud. Due to security and compliance concerns, many financial services organizations continue to maintain an on-prem or private cloud-only approach.
New technology – emerging threats
With increased digitalization and the increased use of technology, such as AI and the public cloud, new types of threats and risks emerge. Therefore, applying systematic security work is crucial for any business or organization. Having a strategy, management, rules and a monitoring operational function, which must be preserved and further developed when it comes to new technology, is crucial.
Looking at the risk level, it’s important to continuously follow a number of scenarios that could threaten a company and its customers. Three distinguishing threats are:
- Ransomware, which has been a threat for a long time and is probably seen as the biggest threat of today.
- Congestion attacks, which started appearing last fall and have since then escalated.
- Supply chain attack, which is a relatively new threat level that must be monitored.
These criminal elements are extremely skilled so it’s important to strengthen one’s resilience with machine learning and AI. Furthermore, there is also fraud against customers, which must constantly be addressed.
The digitalization that is taking place now, with new financial ecosystems being established at a fast pace, is something out of the ordinary. However, transforming and moving to the digital world does not change the goals of organizations, nor the basic idea of more satisfied customers – through personalized customer interactions and meetings, growth, prosperity and lower costs, to mention a few. The goals are the same. Taking advantage of new technology and focus on your customers will be crucial for businesses’ future competitive advantage.
Security should not be compromised in any way
Companies within the financial sector have many customers and they are entrusted with not only the management of their customers’ money and capital but also with their personal data. With that comes huge responsibility protecting this information. In that perspective, it’s important to focus on the security and management of these assets. Needless to say, security is an essential point, which should not be compromised in any way, regardless of the form in which it is delivered. A potential security incident would damage a company’s brand and risk damaging the trust of its customers.
At the same time, there is great pressure on the market, from competitors developing new services, quickly and often at a low cost. Many of them are completely cloud-based, especially startups. By meeting these changing market situations and using new technologies, companies can automate their workflows.
When entering the cloud, the approach must be systematic and put the services that you are dealing with in relation to security and compliance requirements. The cloud is not suitable for all types of applications. The recommendation is to have a clear process for how to evaluate cloud services and put it in perspective with the needs and risks connected to those.
Itello’s long-term commitment
A few years ago, the attitude towards the public cloud started to change, largely driven by the fact that the Swedish Financial Supervisory Authority started sending positive signals of the usage of cloud based services. This became an indication that the industry was opening up for a true SaaS solution, delivered via the public cloud. Historically, the industry has largely dependent on in-house developed systems, where Itello, together with our customers, have made a very successful move and proved the power of using standard systems.
We have a long-term commitment to our customers with a future-proof core platform. In this, Itello has always had a compliance-first philosophy. In order for us to deliver a relevant and competitive solution, it will need to be cloud-based. Scalability and security is the way to ensure that businesses can tap into and use tomorrow’s technology to create business value. It will be delivered via the cloud so the core systems must also be present there. In close collaboration with our customers, the Swedish Financial Supervisory Authority and authorities, we’ll lead the way so that this forward-looking and necessary transformation becomes possible.