The financial services industry remains one of the top three sectors targeted by ransomware, according to Microsoft’s 2021 Digital Defense Report. Europe, Asia and the US continue to be the most targeted regions due to the concentration of financial services industries in these areas.
“Cyber attacks are increasing in frequency and sophistication and are deliberately targeting core business systems to maximize the impact of the attack or the likelihood of a ransomware payout,” says Bill Borden, corporate vice president of Worldwide Financial Services at Microsoft. “This has accelerated in recent years with the advent of cybercrime ‘as a service’ and digital currencies that enable an even wider range of criminal organizations around the world to monetize cybercrime, with a particular focus on key sectors. such as financial services and health care. ”
Additionally, as the remote workforce has expanded the attack surface, the threat landscape has become increasingly sophisticated. “This is an area of increasing attention and is being watched closely by financial services regulators,” says Borden. “The persistent and evolving attacks are reminders that we must act decisively on all fronts in new ways to strengthen cybersecurity measures for industries and people.”
As financial services companies face ever-evolving threats and protections, they must address two competing needs. They must deliver customer experiences, with innovation and attention dedicated to satisfying customers where they are. But they must also thwart cybercriminals, fraudsters, and money launderers by implementing strong cybersecurity and data protection policies and practices.
This is where an integrated cloud platform can really deliver results. “By using one platform to manage data and security posture, financial services companies can put themselves in a stronger position to address both needs,” says Borden. “In addition to facilitating better customer experiences, an integrated cloud platform can help achieve strong governance, can provide proper oversight, and also provides the mechanisms to address cyber threats.”
Microsoft and its partner community are perfectly positioned to help financial services companies in this regard. In fact, Microsoft has put security and compliance at the core of its cloud services, spending more than a billion dollars each year on cybersecurity.
“We understand that to maximize the effectiveness of security organizations, tools must be fully integrated to improve efficiency and provide end-to-end visibility,” says Borden.
Microsoft Cloud for Financial Services provides multiple cybersecurity and compliance capabilities through built-in tools, account protection, and programs. Built-in tools include Azure Sentinel, which supports versatile options including hybrid and multi-cloud deployments for financial services with built-in security, identity, and compliance. This enables simplified management for both virtual machines and containerized environments in hybrid and multi-cloud environments.
Meanwhile, the solution’s account protection feature helps banks protect their customers’ online accounts from bot attacks, fake account creation, account takeover, and fraudulent account access.
The Compliance Manager feature helps organizations manage compliance requirements with greater ease and convenience as compliance requirements continue to expand, and most organizations face challenges when it comes to keeping up with requirements every day. and higher levels of scrutiny from financial services regulators.
And all of this is supported by the Compliance Program for Microsoft Cloud: a dedicated team of Microsoft experts who are available to help an organization’s internal and external risk, audit, and compliance teams address financial services regulatory compliance. .
It is these characteristics that Borden believes make security and compliance solutions from Microsoft and its partners unique. “Our solutions are cloud-native and designed with security in mind from the ground up, allowing us a broader set of controls to limit surface areas of risk compared to traditional in-house banking platforms,” he says. “This allows us to do permanent zero access, where no Microsoft personnel have access to customer data without additional approvals, which can be difficult to do in traditional systems where there is IT administrator access.”
The appeal of such solutions is clear, which is why some of the world’s largest financial services companies are backed by Microsoft technologies. Late last year, for example, US bank Wells Fargo marked the next step in its digital transformation journey with a new multi-cloud strategy, relying on Microsoft Azure to provide a reliable and secure foundation across its functions, as well as to better manage risk.
“Wells Fargo and Microsoft have a longstanding relationship, and we’re excited to build on that foundation to accelerate Wells Fargo’s digital transformation journey,” said Judson Althoff, chief commercial officer of Microsoft, in a press release. “Microsoft Azure is empowering financial services institutions with its secure, compatible and scalable platform for the industry’s cloud solution needs, including advanced and complex workloads. By standardizing on the Microsoft cloud and relying on Azure as its core and most strategic cloud platform across all lines of business, Wells Fargo will be able to advance its key business and technology transformation priorities in core areas such as risk management and control, personalized banking and the digital branch of the future.”
Japan’s Mitsubishi UFJ Financial Group also chose the Microsoft Azure cloud as the common system infrastructure for its cost-saving, security, and risk management benefits. Meanwhile, Swiss bank UBS is using Microsoft Azure for global scale and security, and Canadian investment bank TD Securities recently built on its Microsoft 365 communications compliance infrastructure with a highly secure and compliant global implementation of Microsoft Teams.
Despite these success stories, Microsoft has not become complacent. As the threat of cybercrime evolves in the future, the company makes concerted efforts to ensure that financial services organizations are protected against the unknown.
“As remote work continues and the frequency of cyberattacks increases, we anticipate that cybercriminals will continue to target and attack all sectors of critical infrastructure, including healthcare and public health, information technology, services financials and energy,” says Borden. “Organizations will need to put themselves in a stronger position to address compliance and risk management challenges to successfully scale and grow. With that in mind, Microsoft has announced its commitment to quadruple its investment in cybersecurity to $20 billion over the next five years.”
Microsoft has also enhanced tools and resources to address a variety of cyber threats, manage security, and enable customers to manage cloud governance.
“Microsoft is committed to helping the industry improve time to value, reduce costs, increase agility, and accelerate innovation for sustainable growth through digital transformation,” Borden concludes. “We offer cloud technology that helps organizations not only develop a comprehensive cyber resiliency strategy, but also makes preparing for a wide range of contingencies less complicated due to its scalability.”
We asked a selection of Microsoft partners about how they are leveraging Microsoft technology to ensure financial services organizations can be compliant and secure. Below are excerpts from their responses, which you can read in full on page 95 of the digital edition of the Spring 2022 issue of technology registration.
Russ Soper, CIO of Finestrasaying: “[Our priority] it’s about finding the balance between creating efficiency through streamlined operations, managing risk and compliance, and delivering innovation and better experiences that improve the day-to-day functions of our customers.”
Chris Hill, Regional Vice President of Public Cloud and International Strategic Partners at Barracuda NetworksHe said: “To ensure their data is protected from a cyber attack, financial organizations can partner with third-party security providers like Barracuda, which can provide enhanced security while also integrating back into the Azure fabric on which to build. they had planned to build their application. .”
Vania Sigalas, responsible for strategic proposals of Experian UK & Ireland Data Qualitysaid, “Experian’s data validation integration for Microsoft Dynamics 365 helps financial services organizations cost-effectively detect potential fraud when users submit requests or purchases.”
Mike Kraft, Senior Solutions Architect at JourneyTEAMsaid, “With Microsoft’s commitment to the highest levels of trust, transparency, and compliance, JourneyTEAM goes to great lengths to protect customer data and ensure we follow Microsoft standards.”
Vadim Tabakman, Vice President of Presales at nintexhe said, “There are financial services companies that use SQL Server on Azure as a way to store data, and Nintex Workflow Cloud orchestrates new data and the updating of that data through forms that are submitted by staff or customers.”
Vamsikrishna Bhimavarapu, Head of Banking and Financial Services at Microsoft Biz Apps at infosyssaid, “Infosys has established a dedicated Financial Services Center of Excellence in Microsoft Biz Apps to build extensive capabilities to transition customers through these disruptions, with solutions powered by leading-edge domain experts.”
This article was originally published in the Spring 2022 issue of Technology Record. To receive future issues delivered directly to your inbox, sign up for a free subscription.
share this story