PaymentsJournal
SUBSCRIBE
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
No Result
View All Result

Securing and Managing the Business Data You Accumulate Is Getting Harder and Increases Your Liability

Tim Sloane by Tim Sloane
January 10, 2020
in Analysts Coverage, Personal Data, Security
0
TSYS Hack Immaterial to the Company, but What about Its Customers?

TSYS Hack Immaterial to the Company, but What about Its Customers?

3
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

How your firm manages data will shift dramatically due to the impact of machine learning, ISO 20022, and new privacy regulations. These issues will be additive to the current complex and underappreciated security problems that already exist in most organizations, as demonstrated by what seems to be daily notifications of customer data released into the wild.

The advice in this Forbes article is not telling you how to prepare for these new challenges specifically, but does provide operational recommendations that are broadly applicable:

Build security in from the beginning and automate whenever possible.

Typically, information security is an afterthought in building a new software application or implementing a new system. Once the implementation is finished, the security team starts testing it, resulting in a long list of things to fix before the system can go live. Suddenly, the launch date is in jeopardy, and there is resentment and recrimination on both sides — and the security that results is not as tightly integrated as it should be.

When I worked for a major financial services provider, we had similar problems with security testing coming so late in the development process. Instead, we asked the security team to become part of the early planning and development sprints for any new application. We got early feedback on what would make for a more secure approach, and the relationship between the developers and the information security team became more collegial and cordial.

One lesson I also learned from this experience is to perform automatic log scans for oversights and vulnerabilities. The best way to do this is to incorporate it in the early stages of your continuous integration, continuous delivery (CI-CD) pipelines. With the volume of work and the speed that business requires, it’s just not possible to do such things manually. Automation is imperative.

Security as a business enabler.

Of course, some of the unauthorized data access we might catch will be people at our own company who have a legitimate business need for the data. Inadequate access can stifle ideas and innovation. The logs can serve as a starting point for a larger discussion on how the company can make better use of its data.

Yes, data can be a liability, but so can overly stringent data security. Security should be a business enabler, providing a secure foundation for trusted relationships between the organization, its employees, its customers and its partners. That way, we can move beyond the fear that our data is a potential liability and know that it has become a true asset for the organization.”

Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group

Tags: data managementISO 20022Machine LearningPersonal DataPIIregulationsSecurity
3
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Analyst Coverage, Payments Data, and News Delivered Daily

    Sign up for the PaymentsJournal Newsletter to get exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    5 Ways to Protect Your Financial Institution from a Cyberattack

    5 Ways to Protect Your Financial Institution from a Cyberattack

    May 26, 2023
    traditional banks

    How Traditional Banks Can Modernize Without Risk

    May 25, 2023
    identity fraud

    Javelin’s Identity Fraud Study Highlights the Changing Nature of Fraud

    May 24, 2023
    SASE, security-as-a-service

    Security-as-a-Service Secures
    Distributed IT Models

    May 23, 2023
    mule. real-time

    Early Detection of Mule Activity Requires Real-Time Solutions

    May 22, 2023
    embedded finance, ecommerce

    How Retailers Can Enter the World of Embedded Finance Confidently 

    May 19, 2023
    cross-border

    Cross-Border Trade is a Cinch with the Right Payments Partner

    May 18, 2023
    debit

    5 Reasons Merchants See Debit As
    Top-of-Mind for In-Store Sales

    May 17, 2023

    Linkedin-in Twitter

    Advertise With Us | About Us | Terms of Use | Privacy Policy | Subscribe
    ©2023 PaymentsJournal.com

    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    Menu
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    • Industry Opinions
    • Recent News
    • Resources
    Menu
    • Industry Opinions
    • Recent News
    • Resources
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Industry Opinions
    • Faster Payments
    • News
    • Jobs
    • Events
    No Result
    View All Result