Stephan Berner, CEO at Help AG/Supplied
Stephan Berner, CEO at Help AG, sheds light on how financial institutions should approach their cybersecurity strategies.
editor's pickWednesday 14, August 2019
As a technology solutions provider, what do you see as the biggest challenges facing banks today?
Financial institutions are driven by innovation and today, we see plenty of organisations moving from legacy to digital banking models. The reliance on digital technologies means that at any time, banks need to ensure that their IT environments are protected.
This requires their IT teams to strike that delicate balance between rapidly rolling out new digital services to cater to customer demands and ensuring that these are designed with security in mind. Banks, like any other organisations, are developing rapidly when it comes to the IT front. Today the systems required to operate a consumer-focused financial infrastructure are vast.
You may not consider it as a normal user, but when you pull out your phone to use your latest features in the banking app, or want to use your Apple or Android payment feature, there are specific IT processes supporting these, that had to be developed, tested and secured before they could go into production.
As technology becomes more and more important to deliver the best service, banks are slowly moving away from being financial institutions operating technology to technology companies operating a financial institution.
Needless to say, the assets that banks hold are some of the most valuable and, from the perspective of security, can be compared to health and personal identification information (PII). This means that attackers are very interested in targeting banks.
Their attacks can be directed at the consumer side where phishing and social engineering are major problems as consumers are tricked into giving away their details by attackers. Or it could take the form of attacks against a bank’s core IT systems—specifically the systems taking care of interbank transfers.
As the speed of roll out for new features keeps increasing along with new technology as well as consumer requirements, balancing security with functionality and convenience ultimately becomes a big challenge for any bank.
From a cybersecurity standpoint, the key for any bank is to understand their applications, and the associated security requirements. This is imperative to identifying immediate threats and risks in applications, as well as to understanding how well the existing security solutions can support the organisation’s ambition of being agile and secure.
Technologies like DevOps, APIs, private and public cloud are challenging legacy security systems. A new approach and breed of solutions is required to maintain security in a domain where the application dictates the security capability as opposed to security dictating the application. It is also for these reasons that today, there is no doubt that security in any fintech application has become a day-zero job.
What is your view on the awareness of banks on these issues?
In our experience working across several industry verticals, it is evident that cybersecurity maturity is highest within the banking sector. That said, sometimes organisations overlook the basics and invest in advanced technologies without first addressing critical vulnerabilities.
Unfortunately, without a solid technology base, it is only a matter of time before attackers uncover and exploit the underlying security flaws.
Tell us about Help AG and your targets for 2019.
Our mission in 2019 and beyond is to continue to be the leading provider of cybersecurity solutions, services and consultancy throughout the Middle East and Africa. As a business, we have been able to grow significantly year-on-year since our establishment in the region in 2004.
We have laid out a clear five-year plan which is to provide a holistic 360-degree approach which will enable our customers to provision and consume any cybersecurity solution or service they require—from security analysis and strategic consulting, to technology integration and around-the-clock support.
And of course, as is currently possible, they will have the ability to leverage our Managed Security Services (MSS) to ensure they get 24x7x365 protection against issues, events and attacks. Our approach is to focus on existing customers—to go deep and go wide, doing white space mapping to further complement and enhance the services and solutions we offer our customers.
As we look for further growth, we plan to increase from over 200 to over 400 customers. For this we intend to hire additional resources to drive business development and service delivery.
What is unique about your product strategy?
Help AG is a pure play cybersecurity advisor that goes far beyond the capabilities of the traditional systems integrators, with industry leading practises in Analysis, Consulting, Integration, Managed Security Services and Support. Our dedicated focus on all aspects of cybersecurity, and unmatched expertise across the most comprehensive portfolio of solutions and services has led to voluminous success.
One of the key things of any product within the Help AG portfolio is that it has been carefully selected based on a long-term strategy approach, whereby we try to identify the areas where we expect to see significant business requirements.
We always try to stay a step ahead of what our customers’ current requirements are, evangelise in the market and make sure we follow an approach that is not just best suited for the present but is also future proof. A good example in this direction is our strategic focus on AI and ML- we are utilising AI and ML in the setting of cybersecurity and the partnerships we have specifically engaged within here coupled with our focus on Secure Cloud Enablement are further testament to our strategic focus.
A point worth noting here would be that this is not a new approach we have adopted recently. Help AG is proud to have to its credit the success of introducing and/or strengthening the market for leading vendors like Palo Alto Networks, F5 Networks, Infoblox, FireEye, Symantec, Sourcefire, IronPort and many more.
What’s important is that this kind of strategy doesn’t just apply to our products/solutions. Rather it spans across our entire organisation. We make sure all our solutions and services delivery teams are well-equipped to provide the highest expertise to support our customers with their ever-evolving security needs.
While most channel organisations continue to focus on solution delivery as their core business and leverage a generic tools-based approach to services, Help AG has set itself apart from the competition by building an unmatched services portfolio. Our heavy investment into recruiting and training the most technically skilled employees gives us an edge in service delivery.
When you look at the short to medium term, what are the things that come to mind?
In the UAE, it’s fair to say that digital transformation across technology domains—blockchain, artificial intelligence, machine learning etc.—is relatively widespread.
Government initiatives and market forces have resulted in organisations in the country having the ambition and initiative to be early adopters of new technologies. This makes cybersecurity even more critical as with any nascent technology, there is always the potential to uncover new threat vectors.