New Articles

OUT WITH THE OLD: WHY BANKS MUST ADOPT FINANCE TECHNOLOGY TO REMAIN RELEVANT

banks

OUT WITH THE OLD: WHY BANKS MUST ADOPT FINANCE TECHNOLOGY TO REMAIN RELEVANT

The term “FinTech” continues to saturate the news and financial institution reporting in recent years. It’s not surprising that streamlining financial services in the age of automation is something traditional banks struggle with adopting as global markets capitalize on technology. The trade sector on a high level is already purging antiquated, traditional processes involving paper, phone calls, Excel spreadsheets and tedious, unreliable methods of tracking and invoicing.

Now that FinTech is part of the bigger financial picture, it only makes sense that more companies in the global trade market are adopting FinTech as the norm rather than an option. This presents its own set of challenges for banks to overcome as much as it presents opportunities in optimization and risk mitigation. FinTech has its own challenges to overcome as well before it can successfully replace the traditional financial processes currently in place.

To understand exactly how FinTech fits into the bigger picture, we must break it down and evaluate all angles. To start, trends in emerging finance technology include variables from governments and dominating players to emerging acquisitions positioning big tech as a disruptor and solution to trade finance. So, what are some of the top emerging trends currently found in the financial technology space? According to experts at Azlo, a no-fee digital banking platform, government regulation will weed out fly-by-night FinTech while ownership of a self-sovereign identity will become more prevalent for risk modeling. Additionally, FAANG companies are currently positioned to become major players in the FinTech space as they continue to raise the bar for consumers and businesses alike.

Azlo also maintains that banks must adopt FinTech and emerging tech to remain a relevant part of the financial industry, warning that if they don’t, European, African and Asian markets, which possess less regulation and oversight, will own the space very soon. Additionally, optics, trust and inevitable obsolescence will ultimately serve as supporting reasons behind the adoption of emerging tech in the banking space in the near future.

From a safety and risk mitigation point of view, cybersecurity requires a sophisticated and advanced system to combat various strategies hackers utilize to disrupt the financial industry. Cybersecurity goes hand-in-hand with the recent surge in FinTech and will present itself as a challenge for financial companies to mitigate. How will this risk impact banks from a cost perspective? Think of it in terms of compliance and regulation. Circling back to Azlo’s expert point that once the government starts implementing harsher regulations, the days of FinTech will take a different stance in the financial industry. An example of this is found in Mexico’s FinTech law that took full effect this year and in the Latin America markets. As noted in a November Nasdaq article: “The goal of the FinTech law was to help bring more people into the formal economy. Additionally, it would help to reduce the amount of cash in circulation, which would cut down on money laundering and corruption as well.”

Nasdaq experts also point out the significant progress FinTech has made within the Mexico and Latin America markets. “In January 2019, Albo raised $7.4 million, sparking a surge in investor interest in Mexican neobanks,” states the article. “In March 2019, Mexican neobank, Fondeadora, announced a $1.5 million round of investment, and in May 2019, Nubank, Brazil’s largest neobank with over 15 million users, announced its plans to expand into Mexico.”

Considering the reputation for cash dependency in Mexico paired with the more than 273 FinTech ventures operating in the country, it’s no surprise that FinTech is disrupting and recreating opportunities for global markets while changing the way cash flow is approached.

FinTech will not necessarily hurt the traditional banking model, as it does offer an automated and sustainable approach for customers while keeping up with what is expected of companies on a cultural scale. To remain relevant, banks should consider what customer generations are emerging while maintaining the changing ecosystem supporting efficiency, sustainability and cost-savings.

Furthermore, FinTech is changing the way investments and lending are assessed. FinTech allows for much larger sets of data, providing a new level of visibility. Possessing the ability to manage multiple information streams that reflect the health of a company is found as an unmatched solution provided by FinTech, according to Azlo. With this information, companies can further evaluate next-step approaches and what actions in place need to be revisited, revamped or completely eliminated. The name of the game is data visibility, folks, and that is exactly what FinTech is doing to redefine how finances are approached.

“FinTechs are relying on different information when underwriting consumers, looking at things traditional banks have never considered and providing more people with access to personal and business capital,” explains Donna Fuscaldo in her blog, “The Rise of Fintech: What You Need to Know & Financial Services Now Offered.”

“Traditional financial institutions may be late to the FinTech party, but they haven’t missed it altogether,” Fuscaldo writes. “Many of them are creating their own services or partnering with established FinTechs to bring services to their clients. It’s happening in every aspect of FinTech from robo advisors with Charles Schwab’s Schwab Intelligent Portfolios to digital payments with Visa’s Visa Pay digital payment service. Even heavy hitters like JPMorgan are turning to FinTech’s data to evaluate applications for loans, and Quicken Loans, the online mortgage lender, launched its Rocket Mortgage app that can churn out mortgage approvals and rejections in minutes. All of this action on the part of the traditional financial services industry make for more choices beyond just the startups.”

With cybersecurity and automation consistently creating new ways for companies to optimize their payments while maximizing data and integration, only time will tell how much regulation global governments will impose and whether that reshapes the FinTech marketplace. One thing is certain: Traditional banking will continue to be challenged to redefine how customers are served, transactions are protected and how the investment and lending sectors approach opportunities throughout the international and domestic markets.

healthcare

5 Ways For Healthcare Providers To Build A Fortress Against Cyber Threats

The healthcare industry has yet to find a cure for cyberattacks. Housing personal health data, all kinds of providers are vulnerable targets of hackers and patient care can be put at great risk.

News of breaches in healthcare computer systems is a regular occurrence. Over 100,000 medical records were recently leaked as a result of a data breach at a Montana hospital. And research this year showed an upsurge in malware attacks on healthcare providers. Phishing messages, a means of malware delivery via email, have been found to come in the form of alerts from the US Centers for Disease Control and Prevention (CDC).

As cyberattacks become more sophisticated and widespread, the need for adequately securing computer networks at hospitals and all medical facilities has never been greater, says Alex Zlatin, CEO of Maxim Software Systems (alexzlatin.com).

“The costs of cyberattacks for healthcare providers can be enormous,” Zlatin says, “but how hackers can literally stop facilities from functioning and keep patients from getting care and medication should get everyone’s attention. “It’s all about prevention, and for many providers, being secure as possible will involve a retooling and re-thinking of how they approach cybersecurity from the human and technological standpoints.”

Zlatin provides five tips for healthcare providers to better protect against cybersecurity threats:

-Educate employees about phishing attacks. Many breaches start with human error. Employees make the mistake of responding to an email, link or website designed by hackers to access private information. “Email is a popular phishing technique,” Zlatin says. “The best ways to prevent them from doing damage are to educate your employees on what suspicious emails look like and to use strong email spam filters. Also, your software should automatically scan any links or attachments. This prevents new or unrecognizable URLs from sneaking past company safeguards.”

-Beware of ransomware. Ransomware has been a big menace to the healthcare industry, holding data for ransom, paralyzing facilities and putting patients at risk. Zlatin says the first step in dealing with ransomware is backing up your system, ideally with a cloud backup to protect data. “Failure to do backup can cause irreparable damage,” he says. “And while hackers continually find ways to infiltrate, your security software should contain the most updated anti-malware and anti-ransomware protection. When a ransomware attack occurs, the first thing employees should do is contact their IT team — not try to resolve it themselves.”

-Have a top-down security program. There can be a disconnect and gaps in cyber security procedures when a medical facility’s security staff and IT team don’t overlap. “Including cybersecurity duties at a managerial level, perhaps even as an executive position, can ensure that correct initiatives are created, launched, and enforced, and that funding for security initiatives is available,” Zlatin says. “This also helps enforce regular risk assessment, which should be part of any healthcare provider’s cybersecurity threat program.”

-Make sure vendors have protection. The Healthcare Industry Cybersecurity Task Force, which was established by the U.S. Department of Health and Human Services and the Department of Homeland Security, warned providers about areas of security vulnerability in the supply chain. “Vendors should take the proper steps to detect threats,” Zlatin says. “They include all healthcare business partners, such as insurance companies and infrastructure providers, all of whom should have good security records and be able to protect medical information. It’s especially important for organizations that outsource IT personnel from third-party vendors.”

-Update passwords often. “Using the same passwords for most platforms is a big mistake,” Zlatin says. “It increases vulnerabilities. If a criminal discovers one password used for several accounts, it leads to a disastrous theft of data. So, have employees generate new passwords periodically and not get stuck on convenience.”

“Too often, many healthcare facilities aren’t vigilant enough about defending their medical records security,” Zlatin says. “Healthcare providers face a constant threat that requires constant vigilance because they and their patients have too much to lose.”

________________________________________________________________

Alex Zlatin, author of the book Responsible Dental Ownership (alexzlatin.com), had more than 10 years of management experience before he accepted the position of CEO of dental practice management company Maxim Software Systems. He earned his MBA at Edinburgh Business School and a B.Sc. in Technology Management at HIT in Israel.

His company helps struggling dental professionals take control of their practices and reach the next level of success with responsible leadership strategies.

 

 

GlobeNet Steps Up Cyber Security with Anti-DDoS Gold Mitigation Service

Following successful implementation of the Silver Anti-DDoS Mitigation Service, GlobeNet announced the launch of the latest version of the offering. The Gold Anti-DDos Mitigation Service will formally address diverse and complex customer demands while combating the significant increase in DDoS attacks – reported to have increased 500 percent since 2017.

The upgraded cyber-security solution’s features include a wide range of capabilities that enable customers to operate with fewer limitations and proactive measures to ensure their success, security, and overall efficiency in protection.

Features such as unlimited clean bandwidth and mitigated attack volume, protection policy flexibility, dynamic detection and neutralization of attacks, early detection of malicious traffic, and more provide clients with the peace of mind knowing the overall risk of downtime is reduced. Ultimately, clients have more options to secure their networks based on their specific needs.

“GlobeNet’s Anti-DDoS Gold and Silver levels provide an effective solution to the growing scale of modern DDoS attacks,” said Eduardo Falzoni, CEO of GlobeNet.

“With this new service, our customers now have the enhanced flexibility to choose the option that will best suit their needs. Both services provide 24/7 network protection without the need for organizations to make costly capital investments in their own anti-DDoS solutions. As a result, we ensure peace of mind for our clients’ mission-critical infrastructure and traffic.”

5 Key Considerations for your Cyber Security Strategy

Cyber security. Not only do all organizations need it, but most organizations need to improve it. As hackers and all other manner of cyber criminals get increasingly crafty, the average cyber security team is struggling to keep pace. As it turns out, the road to hell is paved with well-intentioned but somewhat unfocused cyber security efforts.


Therefore, developing a cyber security strategy is a good foundational step for obtaining the level of cyber security necessary to protect your business, employees, customers and reputation. And taking attention of these five key considerations is a good foundational step for developing a cyber security strategy.

Set out clear objectives

All organizations need cyber security, but what works for one organization could be a disaster for another. This is not the place to attempt to implement a one size fits all approach. To begin to understand what your cyber security objectives should be, you need a solid understanding of the threat landscape as well as where your organization and critical business operations fit into it. Does your organization need to better protect customer data? Become fully compliant with new regulations? Incorporate a cyber security mindset across all aspects of business operations and functions? Become more resilient to attacks? Before a strategy can begin to take shape, you need to know what you’re working towards.

Identify your assets to establish cyber security priorities

The first part of this step is putting together a comprehensive list of the organization’s most important databases, networks, applications and any other assets. What are they? Where are they? What is currently protecting them? What are they connected to?

The second part of this step involves completing a nerve-wracking exercise, but it’s something that needs to be done over and over again if you’re going to have a solid cyber security strategy: assess your organization from the attacker point of view. Of all those assets in the list, what are most attractive to potential attackers? What could inflict the most damage to your organization if it were compromised? What would interrupt the largest number of business processes? Look at this from every possible angle, from the profit-driven hacker to the attackers hired by underhanded competitors to politically-motivated hacktivists – which of your assets are the biggest targets? These are your cyber security priorities.

Determine where you’re vulnerable

This is where you once again need to get proactive. Hacking simulation, penetration testing and other offensive-minded approaches are necessary to find your organization’s weak spots and vulnerabilities as well as figure out exactly how deep someone could get into your networks, systems and databases if they made it in. This serves to help you:
1) Shore up those vulnerabilities as much as possible and…
2) Put in place monitoring measures that help detect and respond to suspicious activity as quickly as possible – a managed security operation center (SOC) might be the best option for organizations that don’t have a robust in-house SOC. 

Make sure you have the right technology and personnel in place

As much as you might hope differently, it isn’t enough to simply invest in the best cyber security technology. Think of it like having an F-35 in your driveway. It’s a marvel of technology, but what good is it going to do if you don’t have a pilot to operate it? What your organization needs is a combination of the right technology, processes and the people who have the skills to orchestrate it.


To get the right cyber security team in place you need to consider your organization’s objectives as well as priorities and vulnerabilities. The team you need could include security engineers and architects, analysts, incident responders, ethical hackers, pen testers, forensic experts, auditors and a chief information security officer, to name a few possible positions, and all these employees need to be able to operate at a high enough level to deal with the threats your organization is facing. If it isn’t possible to staff an in-house team at the level your organization requires, it may once again be time to consider a managed cyber security solution.


Whether you’ve got an in-house team or a managed solution, you then need to ensure you’re working with the right vendors to arm your team with the technology they need to keep your assets protected, otherwise you’ll have the stealth fighter pilot but no F-35.

Assess the overall organization’s cybersecurity awareness

You can have the right cyber security people combined with the highest rated technology and the ideal offensive-minded approach to cyber security for a top-notch security operation center, but it won’t matter if your overall organization is not educated on cyber security threats.


From malware, spear phishing attacks to weak passwords and mishandled credentials, the current cyber security landscape is rife with attackers who know that organizational cyber security awareness and education is lacking and know exactly how to capitalize. From top to bottom, your employees need to be educated on the threats that exist, trained on what they must do to protect your organization, and the potential consequences to the organization if they don’t.


Getting ahead

No one said developing and following a cyber security strategy would be easy, but when done well, it’s one of the most worthwhile investments of time, effort and money an organization can and should make.
The threats aren’t going to let up and in fact will only grow in size, scale and sophistication. With a proactive cyber security strategy, you can stay one step ahead of even the most talented attackers, and one step ahead is the only place you want your organization to be.

Source: CyberHat

A 5-step guide to managing cyber threats in the supply chain

When Danish shipping giant A.P. Moller-Maersk was attacked by the NotPetya malware in 2017, access to its electronic booking systems was blocked and ultimately forced a 10-day overhaul of its entire IT infrastructure.

The malicious attack still remains one of the largest disruptions to affect the global shipping industry to date. As a result of lost bookings and terminal downtime, Maersk incurred a massive US$300 million (€264 million) loss.

With the increasing sophistication of cyber threats, companies worldwide have to brace themselves for a new reality where supply chain disruptions are no longer restricted to those of a physical form. Cyber-attacks have the potential to disrupt or, at its worst, cripple the logistics and supply chain operations of an entire business across different geographies.

Instead of adopting a reactive approach to cyber security, companies should actively prevent and manage such cyber risks by devising a response plan with the following five steps.

Identify third-party risks

To successfully thwart future cyber-attacks, companies have to first determine which vendors or third-party entities have access to their firewall and could have the largest impact to the organization in a worst-case scenario.

When selecting possible vendors to work with, it is best to consider the amount of sensitive data that the vendor is handling, such as personally identifiable data, protected health information or financial transactions. With this knowledge, suitable mitigation measures must then be introduced to safeguard the sensitive data.

Monitor the cyber threat environment

As cyber threats are continuously evolving and news reports of a cyber-incident become known, it is a continuous effort to assess and understand events impacting the vendors or third-party entities that your organization works with.

The ability to persistently monitor one’s supply chain and the cyber threat environment will be the best determinant in responding adequately to a cyber-incident.

For instance, a year on from the cyber-attack on Maersk, Chinese state-owned shipping conglomerate COSCO Group managed to contain the damage and limit the length of disruption when its shipping operations in the Americas suffered a ransomware attack.
Though its shipping operations in the Americas came to a momentary standstill, the company’s swift response efforts and preemptive network segmentation prevented the escalation of the attack, allowing regular operations to resume within a week without significant damage.

Assess potential impact

Organizations should possess the capability to gauge the extent of the potential impact a cyber-attack can have on its business operations.

Knowing the nature of each cyber-attack can better equip companies by facilitating understanding, communication and coordination along its supply chain.

Types of cyber attacks

·Data breach: Release of secure information to an untrusted environment, including trade data, schematics, manufacturing systems, shipping data, and other confidential company information
·Ransomware: A form of malware which encrypts a user or end system, rendering all data within inaccessible, and demanding the payment of ransom to decrypt
·Denial of service: A cyber-attack performed by many actors to render a firm’s website or system unavailable to users
·Vulnerability: The discovery of a weakness, known or unknown, which may be exploited by a threat actor to perform unauthorized actions on a system
·Phishing: A fraudulent attempt to obtain security credentials from entry to executive levels for malicious purposes

Conducting a risk assessment on the areas of vulnerability from multiple angles will help companies measure the potential risk and threat of a sudden attack on its supply chain.

Develop risk scenarios and emergency protocols

Without emergency protocols established or adhered to in the event of a cyber-attack, it will likely cause confusion that leads to disruption in the supply chain. Companies need to train its employees on potential threat scenarios and develop corresponding response plans to tackle different situations.

Often, these response processes might involve the use of advanced technology and human intelligence analysis. Having established the protocols and trained employees on their respective emergency response roles, the company will then be well-prepared to implement the appropriate measures to mitigate the potential damage inflicted by a cyber-attack.

Communicate relevant actions to stakeholders

When a threat has been identified, it is imperative to investigate the matter internally and cascade information in a timely manner within the organization before alerting the relevant authorities. Once more details emerge and the nature of the threat is confirmed, organizations should pro-actively inform all stakeholders who have been affected, while activating the emergency response teams to rectify the issue.

With the threat of cyber-attacks looming large, companies need to take control and ready themselves with a proper response plan and top-notch cyber security practices to protect their supply chain.

Shehrina spearheads the supply chain risk monitoring capabilities for Resilience360. Resilience360 offers end-to-end supply chain risk management, alerting customers about supply chain incidents globally and risks to their global supply chain in almost real time. The platform helps companies handle an ever-changing world by assessing the impact of natural disasters, changing regulatory environments, and other supply chain risks. With Resilience360, businesses can visualize their supply chains end-to-end, use machine learning capabilities to detect early warnings of incidents that can disrupt their supply chain and it will allow customers to preemptively respond and minimize business interruption.

This article was originally published on DHL’s Logistics of Things. Read more on how logistics impacts business, builds lasting connections and drives innovation.