In our webinar, ‘Fortifying Financial Services: Mastering Data Security in the Digital Age’, Rich Vibert, CEO of Metomic, and Graham Cluley, Cybersecurity Researcher and host of 'Smashing Security,' gave valuable insights into the dynamic landscape of data security challenges within the financial services industry.
In as dynamic a landscape as the financial services industry, the adoption of SaaS, GenAI and cloud applications has become instrumental in driving business growth. Tools such as Slack, Teams, Google Drive, and OneDrive have revolutionised work dynamics, providing unprecedented opportunities for collaboration and efficiency.
However, this digital evolution introduces new and complex security challenges, particularly in the realm of handling sensitive information in a heavily regulated industry.
In our webinar, ‘Fortifying Financial Services: Mastering Data Security in the Digital Age’, Rich Vibert, CEO of Metomic, and Graham Cluley, Cybersecurity Researcher and host of 'Smashing Security,' gave valuable insights into the dynamic landscape of data security challenges within the financial services industry.
Here are 5 key takeaways:
SaaS applications and GenAI tools are transforming the way organisations operate. From 2020 to 2023, the average number of SaaS applications used by organisations has significantly increased from 80 to 130. Additionally, organisations are leveraging GenAI to streamline operations and gain a competitive advantage. The adoption of these technologies is driven by their ease of use, productivity benefits, and the ability to extract valuable insights.
Rich Vibert said, ‘SaaS has taken over the tech stack, whether it be customer support, sales, or product development, there's a SaaS application for every use case in the organisation.’
While SaaS and GenAI offer tremendous benefits, they also introduce significant security risks. SaaS applications increase the attack surface area, making it crucial to protect sensitive data stored within these applications. GenAI tools can also create vulnerabilities if not properly managed, posing potential threats to data security. Organisations must find a balance between leveraging these technologies and mitigating associated risks.
Rich Vibert shared a Gartner stat that highlighted the fact 85% of organistions will rely on SaaS to streamline operations by 2025.
The webinar emphasised that the financial services industry is a prime target for cyber attackers due to the vast amounts of sensitive personal information it handles. Breaches in this sector can result in substantial financial and reputational damage.
Graham Cluley discussed the fact that ‘financial service firms are 300x more likely to be targeted by cyber attacks than other types of companies. Consequently, data security is not just important, but necessary in this industry.’
The webinar highlighted the significance of data security in the financial services industry. Financial companies are accountable for managing unimaginable volumes of sensitive data, including credit card details and personal information. Breaches can lead to severe consequences such as reputational damage, financial loss, and regulatory non-compliance. Organisations in this sector need to prioritise data security to safeguard their operations and customer trust.
Their first priority should be visibility, Rich Vibert shared. ‘I think it's fair to say that no company in the world can answer questions like where Personally Identifiable Information (PII) is stored in SaaS. They might be able to say we store it in SharePoint, JIRA, and Confluence, but no one has any idea precisely what type of information is shared where inside those applications.
‘Gaining complete visibility of what data is being shared, precisely where it's being shared, and who has access to the data, is key when it comes to minimising risk. And finally, it’s important to ask yourself why it’s necessary to share a certain piece of data. Sometimes there are necessary reasons to have sensitive data access. But it’s always important to ask yourself the question and justify that in regard to who to share it with and for how long.’
To address the complexities and challenges of data security, the webinar presented the Metomic approach. This approach emphasises finding and protecting sensitive data, rather than solely focusing on the perimeter. Metomic enables organisations to activate their own Human Firewall, which offers real-time education to employees, helping avoid accidental data breaches. Automation is another key aspect, allowing organisations to prevent risks in real-time by setting up automated policies.
Our recent report, ‘The State of Data Security in Financial Services’ highlights the seven rules that financial institutions commonly put in place when they’re using Metomic, giving us a good idea of the policies that matter to those in the industry.
To watch the webinar on demand, visit https://www.brighttalk.com/webcast/20217/606299