Home > Finacle > Blogs > Security: The key to becoming a digital organization

Security: The key to becoming a digital organization

March 18, 2019 - Sandeep Joseph Mathew Senior Consultant

Privacy and ethics

Software applications like email and messenger have become an integral part of our personal and work life. We cannot imagine a life without e-commerce online portals or mobile applications. Our reliance on mobile and online applications for easy transfer of funds or bill payments continues to increase too. Data records generated from the slew of applications and devices are stored in data centers or cloud. With the rise of sophisticated hacking techniques, the underlying assumption that a software executes what is expected and doesn’t what is not is beginning to dispel. Security breaches and malicious incidents are evidence of the increasingly smart and creative cyber criminals out there looking to exploit vulnerabilities. The repercussions are multifold – loss of customers, market cap, financial losses because of data loss, and costs associated with the efforts that go into responding to the breach and recovering trust. Clearly, security is a key concern for any digital business, and a business cannot claim to be a truly digital organization if its applications are not secure.

Organizations must follow certain security guidelines to mitigate the risks associated with new age cyber threats, to be sustainable and customer-centric. A data-centric approach to security is required because of the sheer value of customer data for a business. Businesses need to constantly ask questions such as:

  • Who can access my data?
  • Who can modify/delete my data?
  • Do I have access to my data?

The above questions ensure confidentiality/privacy, integrity and availability of data. More commonly known as the CIA triad which forms the basis of many security guidelines.

Additionally, businesses need to ask questions like:

  • Which data records are critical for business?
  • Which systems or applications use the data?
  • Who are the users that access the data?
  • Where the data records reside?

Being well versed with current trends in cybersecurity and assessing new cyber threats are also some of the factors essential for a secure and successful business venture.

Many organizations have a security incident response team to initiate necessary action in the event of a security breach. They identify vulnerabilities by monitoring data, analyze the incident to understand the breach and take the necessary action to resolve the incident. Advanced machine learning techniques can understand normal system behavior, detect deviations and assess risk. This, combined with the knowledge of hacking techniques helps detect unusual user and database activity. Unusual usage patterns can help determine the cause of the breach. Access credentials to various resources can be restricted and passwords reset.

Adequate security measures need to be considered regularly while building software solutions as the cost of addressing security incidents continues to increase substantially. It is imperative to consider security aspects during software development and testing to identify if the software is doing only what it is intended to do. There is no room for complacency.

Infosys Finacle’s 2019 Banking Trends report talks about the new threats likely to arise due to extensive use of digital technologies – particularly AI and Machine Learning – in cyber-attacks. Cheaper computing power and availability of open source algorithms if misused, can have severe consequences for businesses including banks. Banks will invest in security talent and use a combination of technologies across threat intelligence, data leak prevention, user behavior analytics, access management and cloud security, to combat the rising threat from technologically advanced hacking methods.

I’d conclude by echoing the popular view, “Security is a journey, not a destination”. Indeed.

Sandeep Joseph Mathew

Senior Consultant

Sandeep Joseph Mathew is a product owner in Finacle Loans ART at EdgeVerve Systems Ltd. His areas of interest include product management and credit monitoring. He is a Chartered Associate of Indian Institute of Bankers. He holds Post Graduate Diploma in Management from LIBA, Chennai and BTECH from CUSAT, Kochi.

More blogs from Sandeep Joseph Mathew >

Related Blogs All Blogs


Possibilities #Reimagined – More Things to Bank on
March 12, 2018


Blockchain and possible impact on currency handling
August 14, 2018

Leave a Reply

Your email address will not be published. Required fields are marked *

4 thoughts on “Security: The key to becoming a digital organization

  • very well constructed.

  • Nice write up

  • Well written Sandy

  • Very well articulated sandeep

  Load more comments...