Bankers: It’s time to embrace digital, safely

The following is a guest post Leni Selvaggio, Global Industry Solutions Manager, Cisco

It’s no secret that with the rapid expansion of connected devices, people and processes the Internet of Things (IoT)– is dramatically changing the financial services firms.

In today’s world, we’re all about convenience. New competitors like Google Wallet, Apple Pay and PayPal are playing a huge role in shifting customer expectations and preferences. Consumers are becoming accustomed to having access to their financial information and money whenever and wherever they want it. If traditional retail banks do not evolve and adapt quickly, their influence and role will diminish.

Investing Strategically in IoT

Financial institutions have already begun to invest significant sums of money and resources in order to compete. According to PWC’s 6th annual digital IQ survey, financial services is among the top-10 industries investing in IoT innovations.

For example, some financial institutions are beginning to explore linking wireless body weight scales to financial rewards programs. And Insurance companies are experimenting with “car banking” by using sensors to improve underwriting for collision policies.

It’s not just the financial industry that is exploring new things. Fin-tech startups such as ApplePay, What’s App and Venmo are becoming staples in consumer financial transactions. As the lines between conventional roles begin to blur, technology companies are offer financial services, and financial services companies are becoming technology companies.

But the key to digital success for financial services firms is to make digital technology investments strategically. Investing massive amounts of money in IoT won’t help if not approached with security top of mind, especially given the uniquely sensitive nature of the data that financial services firms possess.

Unique Security Challenges

The sensitive nature of this data puts financial service firms in a precarious situation when approaching the Internet of Things.

Security is already a highly complex and involved task for financial institutions and as the pace of digital innovation increases, so does the frequency and sophistication of security incidents.

The Internet of Things will create more information handoffs and more attack vectors. And in comparison to newer independent tech company competitors, financial services firms have more conservative risk profiles, more barriers to entry, and far more to lose from IT security events and failures.

The proliferation of IoT technologies will also increase third party involvement in transactions and data sharing. With so much valuable financial and personal information at risk through third-party transactions and touch points, financial services IT leaders will need to strengthen and accelerate their defense and remediation strategies and practices on an ongoing basis.

The Road Ahead

Banks can still move forward into the world of connected people, devices, services and data — they just need to keep security top of mind. There are quite a few prescriptions for the security challenges that stand between financial services providers and IoT success.

Security is one area where financial service providers actually have a clear advantage over newer digital competitors. By adopting parallel strategies — competing aggressively with new companies on in-house innovation while simultaneously partnering with them as a provider of security — financial service providers can expand their revenue options. Legacy assets, security infrastructure and access to existing services are all elements that startup financial services companies and Fintech companies are lacking.

Financial services firms also have an opportunity to establish control and ownership of customer spending data by taking advantage of digital communications tools. The industry possesses enormous volumes of information, and much of it is valuable data about financial trends, consumer transactions, and spending habits. By combining this data with personal information from social media and other sources safely collected via smartphones and tablets, financial services organizations can provide indispensable services to clients.

Creating information-value frameworks with embedded security controls — both in the value models as well as the IoT sensors deployed at ATMs, POS terminals, digital wallets, or other social media payments, enables this valuable new “hybrid’ of information to be used to influence and facilitate consumer buying decisions and help cement brand loyalty.

But while this wealth of new data points can be incredibly valuable, detection and response security measures have to be in place in the event of malicious activity. Historically, 80 percent of security budgets have been spent on preventive technologies. Rather than continuing to spend on preventive security products and services, financial services providers should prepare themselves by starting to spend about 40 percent on prevention and 60 percent on detection and response. Breach insurance and employing threat intelligence that is specific to your organization are two examples of effective detection and response investments.

There is no doubt that financial services organizations face a multitude of unique hurdles as they venture into the Internet of Things. However, if they do not march forward into the digital world now, they will rapidly become obsolete.

By revamping IT security, data and privacy strategies in the context of the increasingly digital world, financial services firms will maintain a competitive advantage over new market entrants, while capturing the hearts and minds of the digital consumer.