Sales: 0845 470 4001 | Support: 0845 230 6001 | Contact Form | NPS
Categories
Tags
Authors
Teams
Archives
Categories:   All Categories
Suggested keywords
x
Darren Boulter
Company Finance Compliance Cyber Security Insurance

Preparing for DORA: What do these new regulations mean for finance and insurance firms?

blog-header-preparing-for-dora
When it comes to insurance and financial services, the ability to offer clients peace of mind is the key to ensuring the sector's continued longevity. Cyberattacks are evolving in frequency and sophistication, with criminals selecting progressively more ambitious targets, and even minor IT outages, whether they're caused by human error or 'acts of God', will have a serious effect on firms' operations, negatively affecting both profitability and brand reputation. With this in mind, firms must reconsider the way they approach operational resilience, particularly regarding the way access rights for critical systems and data are managed.
Tags:
Insurance Finance risk management resilience compliance
  959 Hits
Neil Regan
Company Finance Business Continuity Disaster Recovery Data Protection

A tech-powered customer experience for the new era of financial services

A-tech-powered-customer-experience-for-the-new-era-of-financial-services

From day-to-day consumer banking to high-profile asset and wealth management, the way we all access financial services is changing in ways that would have been inconceivable just a few years ago. Online banking is now firmly established, allowing customers to manage their money securely within a few clicks - anytime, anywhere and without the need to visit a branch. A 2022 survey revealed that the quality of the online experience was a key factor in 81% of adults' choice of bank1.

Tags:
Finance customer experience omnichannel Security Data
  1831 Hits
Our Customers
Finance Case Studies

Morningstar

Morningstar-deploys-global-1Gig-Wide-Area-Network-for-faster-and-more-reliable-data-deliver_20200910-130222_1

Morningstar deploys global 1Gig Wide Area Network for faster and more reliable data delivery.

About Morningstar

Morningstar, Inc. is a leading provider of independent investment research in North America, Europe, Australia, and Asia. The organisation offers an extensive line of products and services for individuals, financial advisers, and institutions.

Morningstar U.K. opened in London in 2000 and launched its investing website in 2001. The website offers access to objective information on more than 9,000 funds available to individual investors in the U.K


Reduce complexity, increase speed and reliability

Exponential-e is a trusted technology partner for organisations across the Finance sector, offering innovative solutions that drive security, compliance and optimal performance at all levels.

Find out more in our Finance Brochure.

Click to read Exponential-e & Finance
Tags:
Wide Area Network WAN Finance Morningstar
  7484 Hits
Exponential-e
Cloud Culture Data Digital Transformation IT Services Finance

Making sense of the Cloud-buzz: what quick wins are available to establish Business and Security value?

Making-sense-of-the-Cloud-buzz-what-quick-wins-are-available-to-establish-Business-and-Security-value
On Thursday 25th April, Exponential-e held a Financial Services and Insurance roundtable event at 'M Restaurant' in Victoria, London. The event brought together leading figures from these two sectors to share their experience of Cloud adoption and the benefits it can provide to businesses.

The conversation was kicked off by guest speaker Steve Deakin, Head of Development and Operations at Lloyds of London, discussing his experiences of Cloud and the client perspective. Next followed Nick Robinson, Systems Engineering Manager at Palo Alto Networks, who provided a view of real world innovations and shared Cloud success stories that he has seen from his clients across EMEA.

Here is a high level summary and description of the quick wins that were discussed:

The Process:

  • Learn -> Hack -> Iterate


Horizon Scanning & DevOps with an AGILE mind-set

  • Microsites and Micro services that are already trialled, tested and robust from an architecture and security perspective - this enables one to rapidly deploy new products and services, websites etc. with security peace of mind.
  • Serverless - just focus on writing codes and you can make changes in microseconds! It is easy to deploy, low cost, gives you more time to focus on UX and is more efficient for developers by ensuring you are keeping code backed up and in a secure environment.
  • Grid Data Analyst - overcome floods and complexity of big data and unlock the power of analytics with the right data in the right place.


Cybersecurity

  • OWASP Top 10 - whilst the threat landscape remains consistent year on year, everyone should make sure they are aligned to the latest as it evolves. Assuming the top 10 remains unchanged or that changes are incremental such as low priority to action, can lead to vulnerabilities. www.owasp.org
  • NCSC - The National Cyber Security Centre is an organisation of the United Kingdom Government that provides advice and support for the public and private sector on how to avoid computer security threats. www.ncsc.go.uk
  • Ethical Hacking - this should be continuously implemented - leverage Pen testers and vulnerability scanning as much as possible in order to follow best practices and processes - Learn -> Hack -> Iterate.
  • Social Engineering was also discussed, not so much as a quick win due to the complexity (get the simple things right first) however, advised to leverage Pen testers to protect your business from bad actors that use social engineering tactics.
  • Multi Factor Authentication – we discussed how this is a very low hanging and important measure to put in place. Leverage MFA to 1) require individuals to provide two or more authentication factors to confirm their identity for online transactions or to gain access to corporate applications, networks and servers and 2) insight and reports on the user's activity. Identity (IAM) and Privilege Access Management (PAM) were also mentioned as a further way to secure your business.
  • Security Information and Event management (SIEM) - leverage SIEMS as a means to log attacks. An IT Service Provider can provide an important layer of service to proactively manage, monitor and report on what the SIEM is seeing on a 24/7 365 basis.


Cloud Patterns


Data Lakes

  • Building out centralised repository for enterprise data, for tasks such as reporting, visualization, analytics and machine learning - leveraging cloud partners to build out big data solutions.


A debate for another day

  • DevOps and Open Source software is and will continue to be the main target for bad actors, they hold the code (the crown jewels). Should such resources have locked or unlocked internet access? On one hand it offers flexibility and agility, on the other it is more locked down and has a stronger argument from a security perspective.


#Azure #AWS #CloudPatterns #Cybersecurity #OWASP #NCSC #DevOps #HorizonScanning #EthicalHacking #Digital Transformation

Tags:
cloud adoption Finance DevOps cyber security SIEM
  3211 Hits