Skills for faster innovation in financial services

Banks and insurance companies are going through a lot of changes. Read on to see my thinking on how to facilitate that change if you are working in financial services.

Pathways to innovation

There are two major pathways to innovation in financial services, and they are not exclusive.

One is by employing cloud infrastructure (either public or private), so that the speed of software development can increase. The other is by using, incorporating, integrating, or even buying FinTech companies. More often than not, these FinTech companies have all the characteristics of SaaS providers.

Both pathways involve external IT providers. And as the financial services sector is heavily regulated, proper risk management is not an option but mandatory. This impacts both of these innovation pathways. Governance and risk assessment is therefore on the critical path of innovation. By the way, banks cannot avoid taking risks.

Research tells us that the average company has hundreds, if not thousands, of cloud applications. Let’s have a look at how that impacts the risk assessment volume.

Suppose, just for the sake of argument, that there are 730 cloud applications in the company. Imagine that you have to review each of these every 2 years. That means that you have to review one cloud application every single calendar day of the year. And what is more, you want a lot of people to review each of them: legal, procurement, IT, audit, compliance, and so on. That is significant work.

How are you going to do that? And do all cloud contracts need the same level of scrutiny? And who is going to decide on that?

You need to develop a process

You need an effective and efficient process to review cloud usage. But there is no single process that works for all projects across all companies. One project works on sensitive data. Another project does not. One project understands security very well. Another less so. One organisation has a culture of central policies, another hasn’t. It all impacts how the adoption process is best done.

I believe that any process improvement needs to be driven by the people who are running that process. They probably need some assistance, and they definitely need an understanding of what is changing.

Team skills

When it comes to cloud adoption, I find that there are a number of specific skills that are required of almost every person in the cloud adoption and evaluation process. These include: figuring out what exactly is the (cloud)service, how it depends on other services, who is responsible for which part of which service, articulating cloud business cases, and a few more things.

When a team has these skills, they will be in a much better position to understand what the contribution of each team member is. And that will lead to swifter and more efficient secure cloud adoption. In the end, that drives innovation.

By Peter HJ van Eijk

Martin Mendelsohn
The Colonial Pipeline Dilemma The Colonial Pipeline is one of a number of essential energy and infrastructure assets that have been recently targeted by the global ransomware group DarkSide, and other aspiring non-state actors, with ...
Gary Bernstein
Most Dangerous Botnets While it’s no secret that the technical sophistication of cyber-attacks grows exponentially, adversaries often need widespread networks to make it happen. One of the ways to do that is to infect legitimate ...
Cloud Image Migration
Effective Cloud Migration Monitoring The global pandemic witnessed the digital transformation of businesses in the cloud.  Today, even as the world resumes to normal, the end-to-end innovation in business strategies has kept the momentum going ...
Rakesh Soni
Multi-tenant clouds are becoming more popular than ever because they're incredibly cost effective and easy to set up. If you're considering switching your business over to a multi-tenant cloud platform, this article is for you ...
Jim Fagan
Subsea Connectivity Digital transformation and the migration of data and applications to the cloud is a global phenomenon. While we may like to think that the cloud knows no borders, the reality is that geopolitics ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.