Earlier this year, the World Economic Forum (WEF) announced a new initiative: a consortium of financial services and technology companies – including the likes of Citigroup, Zurich Insurance Group and Kabbage – to help protect financial technology (fintech) companies and their customers against cyber crime. Primarily, the consortium is designed to share information, develop best practices, and encourage fintechs around the world to adopt higher standards of security.
Cooked up at the summit at Davos, the consortium is a logical outcome of the conference where WEF ranked cybersecurity sixth in its yearly Global Risks Report of events that would have the most serious global financial impact. For context, this puts cyber crime above food crises and the spread of infectious disease. WEF urged governments to put aside their political differences and focus on cyber defense.
Given the extent of financial fraud and cyber crime, it is absolutely right that WEF should turn to the fintech industry first. As has been correctly pointed out, the financial services industry is one of the most vulnerable and most targeted by cyber criminals, because of the value and wealth of data that is being stored and transferred.
Furthermore, WEF correctly points out in its report that this risk is only increasing as financial services embrace new technologies and become more innovative. As we have outlined previously, new technologies and generational shifts in how consumers interact with financial services – while desirable and perhaps necessary – are dramatically increasing the surface area for attack and therefore the risk of cyber crime. WEF stresses in its report that, as the collaboration between innovative fintech deepens, this must be counterbalanced by tighter standards and better security provision.
With this announcement, WEF provided 19 steps fintechs should take to protect data – two of which it marked out as priorities – adopting cyber risk measurement and cyber security assessment. By the report’s own admission, the solutions it suggests are more strategic in nature, rather than technical. While the WEF mission of helping financial services adopt best cybersecurity practices and overcome the complexity of diverging regulation around the world is an admirable one, at Trusted Knight our solutions are a bit more pragmatic.
As the report says, cybersecurity professionals face disadvantages compared to cyber-attackers – it is easier to leverage new technologies to attack a system than to protect an expanding attack surface. The solution is relentless innovation – rather than relying on decades-old protection technologies, new approaches must be developed and adopted. Fintech companies are increasingly turning to solutions like Protector Air, which takes an approach of full transaction stack protection (FTSP). This technique focuses on protecting the full transaction stack in each individual transaction rather than focusing on the futile and piecemeal approach of trying to clean unmanaged endpoints and separately trying to protect the application servers.
Because it’s a given that cyber criminals are not taking a status quo approach, fintech companies cannot afford to either, if they hope to mitigate the risk associated with innovation.
Click below to request a free trial or to read the technical white paper