“Digital transformation should not come at a cost, so the checks and balances required keeping data safe need to constantly evolve to keep pace with change,” according to BlackBerry’s Amit Mehta.
As threats to data have become increasingly sophisticated, leaders in the financial services industry must balance security and regulatory requirements with productivity. According to a survey of IT professionals in the financial services industry, commissioned by BlackBerry and conducted by QuinStreet, 94 percent of Financial Services IT professionals are not at all confident or somewhat unconfident in the ability of their employees, consultants and partners to adequately safeguard data and 80 percent of financial services organizations are limiting the deployment of applications as a result of security concerns. To know more on the same, our correspondent Vivek Singh Chauhan spoke to Amit Mehta, Managing Director, ASEAN and India, BlackBerry. Here’s the edited excerpt of the interaction.
How do you see the financial services industry today?
A volatile economic environment continuously impacts financial institutions trying to deliver optimal services for its customers, whilst maintaining growth and profitability. This means an increased reliance on technology for digital transformation and growth.
Arguably, certain financial institutions are becoming technology companies too. The industry revolves heavily around data and its safe, accurate and verifiable transmission. Complying with tough regulatory standards, protecting customer data, enabling better business models and improving customer experience has landed this sector at the forefront of digital innovation. It has also made it a target.
With the proliferation of mobility and the advent of the Internet of Things (IoT), balancing security and usability has never been more challenging for the financial services sector. But it’s also never been more necessary. After all, financial data is extremely valuable to criminals and competitors alike.
What kind of role BlackBerry is playing in it? How important it is?
With FSI routinely ranked among the most highly targeted industries for cyberattacks, security is a top priority. Most financial services institutions report they have experienced a breach due to gaps in securing and sharing business files. Also, employees increasingly want the flexibility to work when and where they want — and from their device of choice. For the next-generation workforce, this is becoming one of the reasons for choosing where they work.
This kind of hyper-connectivity, which makes higher levels of productivity possible, can also expose companies and customers to increased security issues. Therefore, there is a need to provide the best possible data management, security and standards to protect customer privacy.
For over 35 years, BlackBerry has been in the business of protecting data, not monetising it. We believe — as an industry — we own the responsibility to create platforms, products and services that help to build that trust. Bolting security on after something happens is no longer good enough – those products and services must be secure by design.
That is why the company announced BlackBerry Spark, a secure communications platform designed to secure communications for the Internet of Things. The first phase of its roll-out was announced on August 6 — BlackBerry Intelligent Security, the first cloud-based solution that leverages the power of adaptive security, continuous authentication and artificial intelligence (AI) to enhance mobile endpoint security in zero-trust environments.
BlackBerry Intelligent Security helps to intelligently drive policies across endpoints based on risk and context of actions performed in real-time. It enforces security by detecting and preventing anomalous and malicious user behaviour, according to an organisation’s regulatory and security policies. It’s another example of how BlackBerry is innovating as a software company to protect and enable its customers around the world that are focused on digital transformation.
What are the most important security issues that big companies are facing presently?
Connectivity brings efficiency, but it also exposes organisations and their customers to multiple new risks. And, with greater risk, comes greater responsibility. Organisations are constantly grappling with that balance between innovation and risk. Digital transformation should not come at a cost – so the checks and balances required keeping data safe need to constantly evolve to keep pace with change.
With the FSI industry offering more online services for customers and mobilizing digital workforces with flexible cloud enterprise solutions, there is a drastic increase in vulnerable endpoints that can leave customers and institutions exposed, not to mention those leaks caused by human error.
The industry also needs to comply with the toughest regulatory standards, while protecting customer data, enhance customer experience and introduce better business models. Striking that balance between risk and innovation is the biggest battle.
BlackBerry’s CEO John Chen has been recently talking about how organisations need to take a ‘Zero Trust’ approach to security. It might sound counter-intuitive, but he says organizations must move to a zero-trust model in order to create connectivity consumers can trust, a move that compliments the essence of trust rather than contradicts it. Again, this goes back to the argument of continuous authentication, offered by solutions such as BlackBerry Intelligent Security which can improve productivity and reduce costs, securely.
How does BlackBerry enable secure file sharing within and even outside the organization?
BlackBerry Workspaces, lets security follow data wherever it goes. It puts effective recovery tools in the hands of the system administrator. It helps to contain and limit the damage of ransomware attacks by allowing the admin to freeze affected user accounts and selectively target and address infected files. It provides employees with access to any file, even outside their firewall and allows them to revoke access to any file by any user, even after the file has been downloaded. Only BlackBerry Workspaces can provide the level of security organizations need — wherever files are, wherever they need to go, and whoever needs to access them.
How can BlackBerry help financial institutions achieve a state of threat prevention with AI?
As well as driving productivity, technologies like AI and ML certainly play an integral role in helping improve compliance, procedures, productivity and privacy in order to build a secure framework. The networks today are vast with varied access points like ATM terminals, apps, kiosks, tablets, websites and traditional terminals.
BlackBerry Cylance’s AI-driven approach remediates faster, requires minimal system/infrastructure, and blocks threats before they can execute. It applies predictive AI to ransomware and malware. This means ransomware variants can be detected weeks, months or even years before the binaries are executed.
Emerging technologies like IoT and AI increase the attack surface and risk, how to address such security risks?
IoT and AI improve business outcomes, but these also introduce unprecedented safety and privacy risks. BlackBerry provides enterprises and governments with software to secure the IoT devices they use, the products they make, and the data that flows in and out of their network. BlackBerry is uniquely positioned to do so, leading in key areas such as cybersecurity, endpoint management, encryption, embedded systems, data privacy.
As the world becomes more and more connected, with every ‘thing’ having its own IP address, BlackBerry’s role ensuring safety, security and data privacy will become much more important.
How BlackBerry address the challenge of regulatory compliance for financial institutions?
Regulatory compliance is considered one of the biggest challenges within Financial Services according to IT decision-makers. BlackBerry offers proven security so the organization can meet the strictest financial standards, obtain necessary certifications and comply with data security regulations. For example, BlackBerry offers a series of services that take your organization through the practical, step-by-step process of understanding the PII in use by your company, how GDPR applies to your organization, and how to achieve a competitive readiness posture in support of your business.