For Financial Services Leaders, Cybersecurity Takes the Front Seat
Financial institutions have been slower than a lot of other sectors to adopt cloud technologies. A survey of banks in Accenture’s report on cloud readiness, “Cloud and Clear,” found that 43% of institutions have “no cloud strategy or have only started implementing basic cloud practices.”
But things are starting to change. An increasing number of financial institutions are moving to the cloud by partnering with agile companies like Liveoak. While some firms hope to speed up cloud migration by throwing people and money at the problem, joining forces with startups can offer a more efficient and cost-effective way to embrace the cloud.
Why now? Aside from the potentially significant cost savings that companies with large data storage needs can achieve, cloud migration is attractive because of its ability to manage cybersecurity risk. And judging by hacking and cybersecurity statistics, it can’t happen fast enough.
Cybercrime is the fastest-growing form of criminal activity in the United States today. An Accenture study from earlier this year predicts it could cost businesses $5.2 trillion annually worldwide over the next five years.
A separate report from IBM Security was equally grim. It found that the cost of a data breach has risen precipitously over the past five years, and now costs $3.9 million on average per company affected.
In today’s news cycle, it seems every week brings a fresh story about a data breach hitting an unprepared company. Businesses from every sector have been affected, including healthcare, retail and finance. Some have suggested that the cause is a failure to take cybersecurity seriously.
Financial services firms are ripe targets for hackers because of the sensitive and valuable information they possess. “The ransomware attack is pretty much a cottage industry these days,” says Joel Comeaux, Liveoak’s Principal Systems Engineer.
However, Comeaux says that almost every company he’d worked for prior to joining Liveoak merely paid lip service to information security.
“It was kind of bolted on as an afterthought; it was not built into the core,” he says. “That’s why I was so excited to join Liveoak. Every single member of our firm is all-in on information security… and we have an even better security framework than a lot of big enterprises I’ve seen.”
At Liveoak, cybersecurity is central to the company’s business model. That’s because Liveoak’s customers include some of the largest, most sophisticated financial institutions in the world. Many are forward-thinking companies keen to inject innovation into their strategies by partnering with startups. However, before they do so, they have to be confident they’re not exposing themselves to vulnerabilities that could imperil their data security or expose them to fraudsters.
“Enterprises won’t do business with you unless you have top-notch information security practices. When we start talking to customers, that is what they lead with,” Comeaux says. “These types of organizations can’t afford to get security wrong.”
To stay on the cutting edge of running an enterprise cloud environment and address the need for top-tier security, early-stage companies like Liveoak invest heavily in what’s known as Infrastructure as Code (IaC) and Key Management Services (KMS).
IaC enables the management of computer data centers through machine-readable definition files rather than physical hardware configuration. This allows developers to manage the technology stack via software rather than relying on manual processes to configure hardware devices and operating systems.
In addition, leveraging KMS to manage cryptographic keys within a cryptosystem allows firms to scale computing environments while simultaneously providing personalized encryption services for each enterprise client.
“Implementing tools like these in our cloud framework really gives us the agility and speed to react quickly to the ever-changing security threats. It’s been a key differentiator for Liveoak”, Comeaux says, “we’ve “shifted to the left” on security and testing, and enterprise customers are really starting to recognize the value.”