FinTech is booming. Last year it received a staggering $14.5 billion in venture funding – more than double the 2014 figure. And the UK is Europe’s unofficial capital. That’s good news all round. But that also puts this rapidly growing sector very clearly in the crosshairs of formidable assailants. As these firms race to offer a wider range of agile, cloud-based services to a whole new set of customers they begin to present an even greater target for the aforementioned assailants.
Therefore, today’s challenge is to find the right security strategy to minimise the damage that can occur from breaches, and give IT teams the tools they need to detect, prioritise and remediate as quickly as possible.
The FinTech industry is seeing fantastic growth at the moment. There were over 800 venture deals last year and the sector continues to expand on an unprecedented scale. There’s huge variety in the sector too, ranging from fast-growing start-ups all the way through to established financial institutions keen to tap a rapidly growing market by delivering agile cloud technologies.
Subsequently, where there is success, money and end users, there will inevitably be cybercrime. In fact, the number of breaches in the financial sector in the US alone doubled from 2014-2015, according to the Identity Theft Resource Center. FinTech firms have a particular set of circumstances which put them at high risk:
- Customer data is digital, therefore it’s a target for cybercriminals
- Services are built on next-generation cloud technologies which have grown too complex and dynamic in nature for traditional security tools to keep up. This means flaws are inevitably begin to get exploited by the bad guys
- FinTech is tapping a whole new, broader set of customers – many of whom may have previously been unbanked – so any breach could have a bigger cost and impact on user confidence/adoption
- This is a highly competitive industry where time-to-market is incredibly important. That can lead some providers to sacrifice security
- Some security-related financial regulations can act as a roadblock on innovation, forcing the more innovative companies to accept more risk in the drive for a competitive advantage
The fightback starts here
Modern cybercriminals are agile, determined and sophisticated. They have the element of surprise, and they’re after your data. As is the case in many other sectors, there’s a tendency to concentrate on stopping threats with traditional technologies at the perimeter. However, one look at the newspapers will tell you that breaches are inevitable, and there’s not a CISO on the planet that wouldn’t acknowledge this now. But this shouldn’t be a cause for despair. There are many things FinTech firms can do to minimise the damage when that breach occurs.
On key element of a modern cybersecurity strategy should be a focus on next-gen tools which can scale and adapt to the kind of dynamic hyper-growth IT environments typical of FinTech firms. Think about offerings which can help you shine a light on east-west traffic to set more granular micro-segmentation policies. Consider distributed deception platforms, which empower IR teams to detect, prioritise and remediate breaches in minutes or hours, versus the days or weeks it typically takes traditional detection systems like IDS, log analysis and event correlation.
With the right security in place you’ll be able to minimise the costs associate with data breaches, drive products safely to market faster, and hit your compliance targets. Most importantly they’ll let you concentrate on the matter at hand: growing the business.