Skills for faster innovation in financial services

Banks and insurance companies are going through a lot of changes. Read on to see my thinking on how to facilitate that change if you are working in financial services.

Pathways to innovation

There are two major pathways to innovation in financial services, and they are not exclusive.

One is by employing cloud infrastructure (either public or private), so that the speed of software development can increase. The other is by using, incorporating, integrating, or even buying FinTech companies. More often than not, these FinTech companies have all the characteristics of SaaS providers.

Both pathways involve external IT providers. And as the financial services sector is heavily regulated, proper risk management is not an option but mandatory. This impacts both of these innovation pathways. Governance and risk assessment is therefore on the critical path of innovation. By the way, banks cannot avoid taking risks.

Research tells us that the average company has hundreds, if not thousands, of cloud applications. Let’s have a look at how that impacts the risk assessment volume.

Suppose, just for the sake of argument, that there are 730 cloud applications in the company. Imagine that you have to review each of these every 2 years. That means that you have to review one cloud application every single calendar day of the year. And what is more, you want a lot of people to review each of them: legal, procurement, IT, audit, compliance, and so on. That is significant work.

How are you going to do that? And do all cloud contracts need the same level of scrutiny? And who is going to decide on that?

You need to develop a process

You need an effective and efficient process to review cloud usage. But there is no single process that works for all projects across all companies. One project works on sensitive data. Another project does not. One project understands security very well. Another less so. One organisation has a culture of central policies, another hasn’t. It all impacts how the adoption process is best done.

I believe that any process improvement needs to be driven by the people who are running that process. They probably need some assistance, and they definitely need an understanding of what is changing.

Team skills

When it comes to cloud adoption, I find that there are a number of specific skills that are required of almost every person in the cloud adoption and evaluation process. These include: figuring out what exactly is the (cloud)service, how it depends on other services, who is responsible for which part of which service, articulating cloud business cases, and a few more things.

When a team has these skills, they will be in a much better position to understand what the contribution of each team member is. And that will lead to swifter and more efficient secure cloud adoption. In the end, that drives innovation.

By Peter HJ van Eijk

Martin Mendelsohn

How Will COVID-19 Impact Security Talent?

New Security Talent As we emerge from the era of COVID-19, unemployment will recede, and new jobs will be created more rapidly than jobs were lost between March and May of this year. We’re already ...
Mining Data

Cloud Mining and the GPU Shortage

Cloud Mining Cryptocurrency seemed to take a jump this year to a new level of internet hype. Bitcoin hit $60,000 and Elon Musk’s tweeting about Dogecoin made millionaires out of memelords. Alongside this new wave ...
Juan Pablo Perez Etchegoyen

Key Considerations for Keeping Mission-Critical Cloud Applications Secure and Compliant

Keeping Cloud Applications Secure and Compliant According to reports, nearly 70% of enterprises were moving mission-critical business functions and processes to the cloud before the pandemic. In today’s new normal, that number has skyrocketed. Organizations ...
Martin Mendelsohn

Of Rogues, Fear and Chicanery: The Colonial Pipeline Dilemma and CISO/CSO Priorities

The Colonial Pipeline Dilemma The Colonial Pipeline is one of a number of essential energy and infrastructure assets that have been recently targeted by the global ransomware group DarkSide, and other aspiring non-state actors, with ...
Martin Mendelsohn

Supporting CISOS, CIOS and CTOS That Are Overwhelmed During the COVID Battle

The Covid Era and CISO Stress Even before COVID-19, senior technology executives, including CISOs, CIOs and CTOs were overwhelmed, and felt an increasing lack of ballast in their lives. Some went so far as to ...
Torsten

Five Ways to Secure Access to Web Workloads

Secure Access to Cloud Workloads Organizations are increasingly moving their workloads to the cloud to achieve greater agility, flexibility, and cost savings. That’s a major reason why worldwide spending on public cloud services and infrastructure ...