By Adam Oldfield, Vice President Sales EMEA Financial Services at Unisys

 

The financial services market continues to evolve digitally to meet the rising expectations of customers, particularly in relation to their experience with digital and in-store services. Consumers expect banks to be accessible 24/7, from any location, and any device. As a result, security of access continues to be front of mind for everyone in the financial services industry, and the challenges that come with it.

 Multifactor authentication built into modern applications, the use of biometrics or analytics as well as artificial intelligence are all needed to be interwoven in the modern environment to keep security capabilities at a high – but why is cybersecurity such a pressing factor in the market over the last few months?

 

Legislative drivers

It is widely known about the multitude of financial, and reputational, incentives tied to increasing security standards in order to be compliant with a variety of legislative drivers, with the biggest and most impactful deadline being the General Data Protection Regulation. The GDPR brings consistency to the current data protection laws across EU member states, and provides guidance on how customer data should be stored and how companies must respond in the event of a data breach.

It is widely known about the multitude of financial and reputational incentives tied to increasing security standards in order to be compliant with a variety of legislative drivers, with the biggest and most impactful deadline being the General Data Protection Regulation.

The GDPR brings consistency to the current data protection laws across EU member states and provides guidance on how customer data should be stored, as well as how companies must respond in the event of a data breach. As we move towards the 2018 deadline a large proportion of companies including financial services, are still unsure on what they need to specifically do in order to be as compliant as possible.

Therefore, we are continuing to see the demand for cybersecurity advisory services, personnel as well as solutions at an all-time high - demanding higher and higher shares of annual and quarterly budgets within financial institutions.

 

The threat landscape and impending legislation has meant cybersecurity has moved from a once discretionary spend to a mandatory one in recent months. Financial services organisations are rapidly restructuring teams, hiring new talent and most importantly seeking advisory services to manage the journey to compliance. Cybersecurity maturity levels held with each organisation in the market also fluctuate, meaning each company has a different set of requirements, goals and timeframes to abide by.

However, legislative drivers forcing financial institutions to treat customer data with the utmost care are not withheld to just the GDPR. The Payment Services Directive (PSD2) and the 2018 mandate set by the Competition and Markets Authority (CMA) are some of the key drivers to raising data protection and security requirements as well as market standards, having a particular impact at the decision making, forecasting and budgeting level.

These legislative drivers will continue to move security up to a boardroom discussion, with advisory services taking the front line of demand as well as budget. As we move towards 2018, the stopwatch is on for new entrants, as well as established players to restructure teams, align ecosystems and improve data management. They must also fine tune effective cyber breach response strategies to ensure the legislations and regulations put in place have a positive impact on their business and customers.

 

No organisation is immune

Many financial services organisations are aware of technological developments taking place throughout security, as well as the evolving security postures needed to combat threats and reduce routes to entry. Biometric authentication is an example of this that adds an additional layer of personalised security for data and account protection purposes. The plethora of high-profile attacks, such as Petya and Wannacry, highlight how no organisation or industry, including financial services, is immune.

The need for flexibility and responsiveness is paramount in this ever-changing landscape, not only legislatively but operationally, driving companies to pull together best in breed solutions to ensure capabilities match fluctuating threats. Legislatively the PSD2, for example, forces organisations to contract and conduct payments in a certain way, as well as effectively store and protect sensitive data. In comparison, the CMA 2018 mandate is forcing all financial services providers to offer customers the ability to manage their products, regardless of provider, via a single mobile application of their choice. Operationally, customers are demanding seamless payment and verification options with a 24/7 responsive service. A best in breed and reactive approach is capable of managing these demands, meaning flexible and intuitive ecosystems for application roll out can be the route to success, and gone are the days of using one provider for everything.