e-Forex-Nov-23

More documents

Recommendations

Info

Crossing the Security Rubicon: How Managed Service Providers are hastening banks’ migration to the Cloud NETWORKS, HOSTING & CONNECTIVITY The notion that ‘freedom lies on the other side of fear’ holds true not only in human psychology but also in the context of financial business. In the FinTech world, cloud technology is freeing banks and financial institutions into greater flexibility, resilience and, prudently done, profitability. To achieve this, they have to conquer fears about security and regulatory compliance. BARRIERS TO MIGRATION Not too long ago it was considered a highly risky proposition to store, manage and process sensitive financial and customer data in the cloud. In addition, the onus for compliance rested squarely on banks’ shoulders. Relinquishing control of their environment while remaining responsible for their own security policies and procedures felt like too much of a risk. GROWING TRUST Nevertheless, to have any competitive relevance, banks and other financial Oscar Neill institutions must be able to innovate, streamline their operation, scale up or down, and ensure the highest levels of quality, performance, and customer service, all with the greatest agility and adaptability, and without compromising security. In recognition, specialist financial infrastructure providers are dedicated to facilitating not only operational efficiency but also secure and compliant governance up and down the supply chain. Oscar Neill, Chief Information and Security Officer for Beeks Group comments: “A dedicated financial services cloud provider understands the needs and pain-points of its client’s business as well as the controls, frameworks and compliance demands incumbent upon it. It keeps abreast of new regulations, forges securityfocused partnerships, and ensures its own security accreditations and quality standards are as current, auditable and dynamic as possible.” MSP OFFERINGS Consequently, the preparedness of Managed Service Providers (MSPs) to shoulder much of the compliance burden on behalf of their customers is beginning to influence the increasing level of comfort and trust among banks in cloud migrations. Here are a few key examples of how financial MSPs are doing this: Integrated pillars of security Describing how cloud security capabilities are key pillars of his company’s flexible architecture, Neill says: “Our capital markets dedicated private and hybrid Infrastructure as a Service (IaaS) solutions have integrated market leading malware protection and vulnerability scanning capabilities to ensure secure configurations for our customers’ infrastructure. Zero Trust access management, firewalling, intrusion detection and prevention, and Security Information and Event Management (SIEM) are all baked into our solutions from day one. Unlike public cloud infrastructure sharing, Beeks’ private cloud provision puts us in complete control of our 66 NOVEMBER 2023 e-FOREX
NETWORKS, HOSTING & CONNECTIVITY clients’ environment security, giving us the confidence that there is endto-end protection.” Source:Beeks Group Compliance Frameworks ISO 27001 and SOC 2 are important complementary frameworks for cloud service providers to follow. ISO 27001 is the international standard for information security management, governing how overall security is defined, implemented, operated, controlled, and improved within an organisation. It is an ISO certification that is audited annually and recertified every three years. SOC 2 defines criteria for managing customer data based on five ‘Trust Service Principles’ (TSC), Security, Availability, Processing Integrity, Confidentiality and Privacy. It differs from ISO 27001 in that it evaluates the effectiveness of an organisation’s security controls and processes over a specific period of time. Commenting on Beeks’ accreditation status Neill says: “Beeks achieved ISO accreditation in 2020 and is aiming to receive our first SOC 2 report in February 2024. SOC 2’s transparent and independent audit process gives clients and prospects compelling evidence about how our security controls actually work and operate. This gives clients more dynamic, detailed, and timely operational information to review for their own compliance.” he explains. 5 main requirements of DORA experience in security operations reporting, business continuity and for government and private sector operational resilience testing. Our environments and were named Global most recent large-scale Exchange Microsoft MSSP partner of the year in Cloud implementation for 2023.” Johannesburg Stock Exchange is a good security case study to highlight Offering rapid threat detection and these capabilities. However, we are response for incidents involving not resting on our laurels and have credential theft, anomalous engaged an independent audit firm behaviours, and malware propagation, to conduct gap analyses to assess our BlueVoyant gives Beeks a head start DORA readiness.” in threat intelligence sharing, which is of increasing importance in ensuring DEDICATED SERVICES VS PUBLIC robust and resilient infrastructures CLOUD across supply chains. “Of course, public cloud hyperscalers will also offer highly accredited EARLY ADOPTION OF THE DIGITAL solutions to tier 1 participants,” OPERATIONAL RESILIENCE ACT comments Neill, “but not (DORA) necessarily with the correct scope of understanding of secure and DORA is an EU financial regulation resilient ultra-low latency and which comes into full force in January high-performance environments. 2025. According to the wording For example, AWS might advertise of the Act itself it will define rules fully redundant availability zones, on the five key pillars; financial ICT but if their customers are not risk-management, incident reporting, deploying across multiple availability operational resilience testing, ICT zones, they will not have access to third-party risk monitoring and the redundancy. Dedicated MSPs information and intelligence sharing, can guide banks away from these to safeguard the soundness of the misleading risks, and actually stipulate entire financial system. redundant architectures.” Defence in Depth Highlighting Beeks’ trusted partnerships and multi-layered approach to security controls Neill explains: “We’ve partnered with US-based Managed Detection and Response (MDR) specialist BlueVoyant to complement our threat-detection capabilities. Their team of security analysts each has at least 10 years’ “DORA will put further pressure on providers and suppliers to align their products and services with the necessary controls to comply with the regulation,” says Neill. “Beeks is already getting ahead on this by aligning our solutions to ease the sales journey and reassure banks procurement teams. We’re already doing much of the incident Neill concludes: “We are arriving in an age where banks are realising that not only can cloud technology provide them with a level of flexibility, security, and resilience difficult to achieve with legacy on-premises solutions, but that generic cloud tech doesn’t go the extra mile that their infrastructure needs. Beeks is Ready to fill that gap.” NOVEMBER 2023 e-FOREX 67
Page 1 and 2:
transforming global foreign exchang
Page 3 and 4:
Welcome to e-FOREX transforming glo
Page 5 and 6:
Turning Payment Flows into Revenue
Page 7 and 8:
Institutional EMBARK POWERFUL LIQUI
Page 9 and 10:
NOVEMBER 2023 e-FOREX 9
Page 11 and 12:
Evolving with the Market Added Func
Page 13 and 14:
Accelerate time-to-trade with LPs &
Page 15 and 16: RECENT EVENT give a few more takeaw
Page 17 and 18: to building trusted partnerships Fl
Page 19 and 20: NOVEMBER 2023 e-FOREX 19
Page 21 and 22: TRADING OPERATIONS market risk back
Page 23 and 24: Welcome to the next generation of b
Page 25 and 26: Forward FX interpolation… …sti
Page 31 and 32: TRADING OPERATIONS robust, standard
Page 33 and 34: REGIONAL E-FX PERSPECTIVE The MENA
Page 35 and 36: SAVE 10% FREE FOR BUY SIDE SAVE 10%
Page 37 and 38: EMERGING MARKET PAYMENTS, OPTIMISED
Page 39 and 40: REGIONAL E-FX PERSPECTIVE be an ele
Page 41 and 42: THE e-FOREX INTERVIEW Eric, you hav
Page 43 and 44: THE e-FOREX INTERVIEW Fred Allatt (
Page 45 and 46: THE e-FOREX INTERVIEW OUR SINGAPORE
Page 47 and 48: THE e-FOREX INTERVIEW (From left to
Page 49 and 50: FX ON EXCHANGES There are two clear
Page 51 and 52: YOUR PIONEERING PARTNER IN INSTITUT
Page 55 and 56: Your gateway to the global FX ecosy
Page 57 and 58: ASK A PROVIDER When it comes to FX
Page 59 and 60: SPECIAL REPORT Treasury automation
Page 61 and 62: Optimizing efficiency in post-trade
Page 63 and 64: TRADE SMARTER, FASTER AND SAFER Ref
Page 65: NOVEMBER 2023 e-FOREX 65
Page 69 and 70: TRADERS WORKSHOP NOVEMBER 2023 e-FO
Page 71 and 72: Next level financial markets A new
Page 73 and 74: TRADERS WORKSHOP “Rapidly changin
show all

e-Forex-Nov-23

Create successful ePaper yourself

Delete template?

Save as template?