Transforming cybersecurity in the financial services industry

 

Cybersecurity: What are the challenges?

Cybersecurity is the protection of computer systems and networks from theft of, or damage to, their hardware, software, or electronic data.

The financial sector is a critical field in terms of cybersecurity. The Payment Services Directive (PSD2) has let banks open their systems to authorised third-party financial service providers, who can initiate and process payments and offer customers a series of applications, for example, to manage several bank accounts from a single application. This new scenario, which is characterized by a multiplicity of actors, devices and applications, carries several risks in terms of security, privacy, data protection and fraud.

Furthermore, the human factor is behind many attacks in the financial sector. For example, many users reuse the same usernames and/or passwords across different applications, or choose weak, easy-to-guess passwords. There is, therefore, a need for awareness and specific training for employees in the financial sector, to mitigate common vulnerabilities and threats directly related to human factors in cybersecurity.

Enhancing cybersecurity

How can we enhance cybersecurity practices within the financial services sector?

The SOTER project will combine technological development with human factor-based cybersecurity training to enhance information security, data privacy and cybersecurity practices within the financial services sector.

The SOTER project will improve cybersecurity practices by:

  • Developing a biometric-based identification and authentication platform: the platform will use biometrics for electronic identification, as a means for people to prove they are who they say they are and thus gain access to services and perform electronic transactions in a safer way
  • Producing a sector-specific training programme to raise awareness about the importance of cybersecurity for employees in the financial sector

 

Ethical, legal and social impact assessment to ensure sustainable innovation

Trilateral assesses the legal, social and ethical issues that need to be considered in the development and deployment of the SOTER platform to ensure data privacy and GDPR compliance.

 

Working with end-users to test and validate novel technology

Trilateral works with end-users to map and understand human factors in effective cyber-security. Trilateral hosts interviews and focus groups with end-users to generate an accurate, detailed, and rich picture of cyber-security and privacy practices, gaps and vulnerabilities in the financial sector. This will underpin an evidence-based risk assessment framework for managing and mitigating these human factors and their resulting cyber-security and privacy risks.

 

Enhancing impact: raising awareness and strengthening engagement

Trilateral works on enhancing the project findings by creating a network including stakeholders in finance, technical experts, civil servants, privacy advocates, citizens, and human rights experts to reach out to all relevant stakeholder communities.

Our work facilitates novel collaborations, amplifying SOTER’s results and encouraging the adoption of SOTER’s biometric-based authentication and identification platform within the financial services sector.

 

For more information and updates visit the project website and follow us on Twitter and LinkedIn.

 

 

 

This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 833923

 

 

Please contact our team for more information:

Robin Renwick, Research Analyst at Trilateral Research

 

 

 
