Digital fortress or siege mentality?

Fintech is the crossroads between financial services and the world of technology. The meeting of these two worlds has made rapid acceleration of our civilisation a reality that, up to a few decades ago, would have been considered science-fiction.

Today, not only do we have the tools to build the world we dream of, but we also have a resilient, lightning-quick, and completely ubiquitous money infrastructure to keep it all rushing forwards.

As the notion of robbing banks graduated from a rebel on a horse toting a six shooter to highly sophisticated cyber attacks, planned and executed from halfway across the globe, so has the way we protect our clients’ information and funds become highly sophisticated and of increasing importance.

There exist countless lists of recommended actions that financial services institutions should take to protect themselves from cyber attacks. Password policies, cyber security consultants, company-wide IT policies, backup and incident response plans, and the like are all sensible precautions.

Of course, all of these need to work together.

Building a digital fortress needs all of our efforts to work in concert. Imagine building a fortified castle with high walls all around it. Your main entrance is guarded 24 hours a day, your bastions are  impenetrable, but the kitchens have a little service entrance round the back where it is more convenient to take delivery of the food you’d like to eat.

It is this kind of thinking that literally opens doors to the potential of security breaches.

So, while we put our time, money, and planning into developing, deploying, and maintaining a digital fortress around us, we need to instil a mentality of security with every single member of our team. We also need to extend this thinking to our suppliers and clients. Everyone who interacts with us will at some point have a way into the organisation.

With all of us thinking like an attack could be imminent, we will all behave in a way that is conducive to a heightened notion of security thinking. The fortress is the first step, but instilling something of a siege mentality is the way to keep the fortress as close to impenetrable as possible. When under siege, the one attitude that goes away is complacency and avoiding complacency is a large part of ensuring cybersecurity.

Let’s take email as an example.

Globally, 300 billion emails are sent every day.

90% of cyberattacks start with email.

Fintech companies all have secure email systems in place but it takes more than that. It takes vigilance on behalf of every member of the team and a regularly educated client base to keep such form of communication safe enough to be useful. Phishing is designed to sneak past the smartest of us so constant vigilance and being up to date with the latest tricks are paramount.

Setting up and insisting on secure emails is one step to avoid that risk. Hiring the best cybersecurity experts your budget can afford is a bigger, more effective way to completely sidestep weaknesses in your fortress.

Members of your team may have worked from coffee shops and parks and co-working spaces, accessing your sensitive information on a public network, but as secure as these places seem, it’s no match to the protection offered by a private network, and it only takes one dedicated hacker to access everything you’ve ever done on that network without delay. Teaching your employees to use a secure VPN and avoid checking sensitive information on public networks is the start, but it does not fully guarantee protection.

Beyond teaching good practices, beyond investing in secure devices, it is a culture of constant vigilance and the understanding that cybersecurity threats attack any company, regardless of its size or product, that will help your fortress maintain its unbreached walls. It is training taught by experts in the industry that can keep your company buttressed against threats and weaknesses in the walls. The siege mentality, although drastic, is necessary, and it starts with investing in good training.

Keeping that training going month by month, is a long investment – but it’s necessary if you want to create a truly impenetrable fortress where no amount of Greeks bearing gifts will let a threat through the gates.