Being the CTO or CIO of a financial services provider is harder than ever in today’s data-driven, hacker-plagued digital world. In addition to making sure the organization’s systems are operating smoothly at all times, they face a number of technology- and compliance-related challenges, issues that if not addressed could cost their organization millions – even billions – of dollars.
Here are eight of the biggest challenges, the ones keeping financial services IT executives up at night (or at minimum giving them a major headache).
1. Data security
“Security and risk management are high on the list of concerns that keep CIOs and CTOs up at night, especially at the rapid rate that the threat landscape is evolving,” says Josh Crowe, CTO, Sungard Availability Services. “They constantly mull over whether their customers’ assets and data are secure, and even question the security measures protecting their own IP. The speed at which hackers are finding ways to infiltrate technology can mean near constant reevaluation if they are remaining sufficiently vigilant.”
“Security is the thing that keeps me up at night,” says Michael Thorne, CTO at Bristlecone Holdings. “Nothing else compares. It is never done. The minute you think you're secure, you're at risk again. Being on top of it is nearly impossible. To gain some traction though, I make sure I'm following what's happening with data security and understand the flaws exposed, I stay up to date on developing tech, and, most importantly, I share information among my peers in groups that promote shared insights to enhance security across the board.”
2. Data breaches
According to the 2016 Vormetric Data Threat Report -- Financial Services Edition, 90 percent of financial services IT executives surveyed said that they felt vulnerable to data threats – and 44 percent had already experienced a data breach.
[ Related: Why IT can't handle data breaches alone ]
“Increased focus in the areas of data and cybersecurity means that CIOs and CTOs need to appreciate that even in the absence of a data breach, failure to adequately assess and respond to cyber security risk can lead to downgrades in regulatory ratings and potentially punitive action by a regulatory agency,” says Craig D. Miller, a partner at the law firm Manatt, Phelps & Phillips.
3. Insider threats
“Given that the vast majority of information loss comes from insider threats, creating a security-pragmatic culture that allows the business to operate at maximum efficiency but in a way that is still secure represents one of the greatest challenges facing [financial services] CTOs,” says Gerry Stegmaier, partner, Intellectual Property, Information and Innovation group, Reed Smith.
[ Related: Confronting the insider threat ]
4. Cyber ransom threats (ransomware)
“Cyber ransom is one of the fastest-growing security concerns around the globe,” says Carl Herberger, vice president of security solutions, Radware. “Every day, ransom tactics are used to target both individuals and companies around the world, and the potential harm can be devastating, shutting down network access, encrypting one’s files and more until a payment is made,” he explains. Dave Packer, vice president, Corporate and Product Marketing, Druva , as well as many other IT executives, agrees.
[ Related: Five things you need to know about ransomware ]
“If they [aren’t] already, [financial services] CTOs and CIOs should be losing sleep about cyber extortion and company data being held for ransom,” he says. “CNN reports that ransomware events are expected to collect $1 billion in 2016, with researchers seeing a 3,500 percent increase in the criminal use of net infrastructure to run ransomware campaigns. It's not a matter of if a company will get hacked, it's when,” he says.
To combat cyber ransom threats, financial services CTOs and CIOs need to “understand the current threat landscape and potential attack vectors,” says Herberger. And they “should be taking preventive action to ensure all data is safe, secure and backed up,” says Packer. “It's literally a matter of business life or death.”
5. Aging IT infrastructures and IT spending cuts
“Many [financial services] organizations continue to rely on IT infrastructures that are built on outdated components and are running with vulnerabilities,” says Joseph Pagano, practice advisor, Financial Services, Cisco Digital Transformation Group. The challenge for financial services CIOs and CTOs is to “figure out how to update and proactively maintain infrastructures in order to mitigate security risks and keep adversaries at bay during a time when boards of directors are asking IT to further cut budgets to help meet ROE targets,” he says. “How can CIOs help their firms save money while enhancing operational risk management and cybersecurity capabilities?”