“Build your empire on the firm foundation of the fundamentals” – Lou Holtz
There is little argument that today’s state of FinTech Security is highly complex and exceedingly risk sensitive. The stakes have never been higher. Yet, the financial industry seems able to find the resources to throw bodies and budget at the problem. Not all banks are equal, of course, some sporting 40+ dedicated information security people on staff. Yet, no matter the depth of investment, technical complexity, and mitigating controls, the information security fundamentals is still the best strategy despite the body count or security budget.
READ MORE ON CBINSIGHT >>
The first rule of FinTech Security is we don’t talk about FinTech security! The second rule is everyone must have security. Sound familiar? That’s how it feels in many technology circles. Today’s information security world is booming with not just products and services, and the security threats therein, but multiple interpretations of the word “security”.
Ever get the feeling no matter how much is done with security, it’s never enough? Your information security people are not satisfied, or are approaching your meetings with more bad news? Where does practical application versus security goals align with risk avoidance? Here is a reality: To sell a product or service means to engage in risk. Technology is a market and delivery mechanism, and threat vector.
Cue Gene Kim’s book The Phoenix Project. Gene Kim got his start in Information Security with open source Tripwire software. His career is peppered with work in IT controls and standards... READ MORE >>