Banks Look Up To The Cloud

Uploaded on 2016-08-10 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Banks are growing more comfortable using other companies’ servers instead of their own closely guarded data centers -- and that longstanding security concerns are fading.

Imagine closing your eyes and asking the voice-activated Amazon Echo on a nearby shelf when your next car payment is due. Just a few years ago, banks would have needed a houseful of their own computers to provide such service.

Instead, new capabilities announced by Capital One Financial Corp. run on Amazon.com Inc.’s cloud. 

For years, banks have been outliers, shunning web-based data centers run by Amazon, Microsoft Corp. and International Business Machines Corp. Pressures to reduce costs and innovate are changing that. Of the world’s 38 largest financial institutions and insurance companies, 25 have signed up with Microsoft and are beginning to put applications in the cloud. Capital One, the eighth-largest U.S. commercial bank, started deploying applications in cloud services in early 2015.

“The momentum has been tremendous, especially in the last six months,” said Karen Cone, general manager of worldwide financial services at Microsoft.

Banks are trying to speed up internal development to keep up with innovative startups that are reinventing everything from cross-border payments to bill pay and doing it faster by using the cloud. The lenders look to the cloud as a way to lower costs and improve profits in a climate of stiffer capital rules and low interest rates.

Capital One added to the services it first started offering through the Amazon Echo in March. The bank became the first company to give customers access to auto, mortgage and home-equity information using Alexa, the Echo’s voice-activated assistant, providing answers to questions such as “How much is my next mortgage payment?” and “How much more until my motorcycle is paid off?”

“The primary motivation for the banks to do this is because they want to create agility and flexibility in their middle and back office that would let them digitize their business on an end-to-end basis,” said Likhit Wagle, general manager of banking and financial services at IBM, based in Armonk, New York. “They want to be able to automate all of their processes.”

Two developments have contributed to the bankers’ growing embrace of cloud computing. Regulators have welcomed the shift and cloud companies have revamped their practices to accommodate lenders. “We see no fundamental reason why cloud services (including public cloud services) cannot be implemented, with appropriate consideration, in a manner that complies with our rules,” the UK’s Financial Conduct Authority said this month when it published new guidance for the industry.

Financial Services

Microsoft, based in Redmond, Washington, created a special financial-services compliance program that gives banks full access to all audit reports, notification of any security incidents and provides them with a road map on upcoming security and privacy features.

“I know from our own checks that both Amazon and Microsoft are all over the global banks,” said Karl Keirstead, a software analyst for Deutsche Bank AG. “This is a massive opportunity and prize that the public cloud vendors are well aware could move the needle for them.”

The transition to the public cloud began in Europe and Asia. Commonwealth Bank in Australia has begun using web-based computing for development and testing new software, and running its website, for example.

Major Savings

“Through this hybrid approach of combining the use of public cloud with our internal cloud, we have realized major savings in infrastructure costs and reduced project delivery times,” Nick Giles, executive general manager of IT Delivery Services at the bank, said in an e-mail. “As a result, we have been able to channel that capital toward innovation and customer-facing technologies.

Singapore’s DBS Bank said it will use Amazon Web Services and expects to move as much as 50 percent of its computing needs to the cloud by 2018

Capital One, based in McLean, Virginia, is so happy with cloud services it’s closing data centers and expects to be down to three from eight by 2018.

“There’s nothing we aren’t willing to put in the public cloud,” said Rob Alexander, Capital One’s chief information officer. “We are now doing the vast majority of all our new development in the public cloud, and we are systematically moving our legacy applications.”

Larger banks are expected to follow in coming months, though they are expected to do so cautiously. Many are starting by putting marketing, human resources and other non-core applications onto the cloud -- usually, no more than 10 percent of their total applications, according to IBM’s Wagle. Other parts of the businesses will take longer.

“Banks move slowly, especially regarding IT decisions with regulatory implications,” said Keirstead of Deutsche Bank Securities. “Hence one should expect any move to be gradual.”

Information-Management:  

 

« ISIS Is Tooling Up For Cyber Jihad
Hacking May Prompt Heightened US Election Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cybereason

Cybereason

Cybereason provides real-time detection of malicious activity enabling you to identify the cause and scope of an attack and ensure an effective response.

Lawley Insurance

Lawley Insurance

Lawley is a full-service, independent insurance agency. Specialty insurance products include Cyber Security.

Woz U

Woz U

Woz U provides best-in-class technology training for Learners, Higher-Ed and Corporations. We focus on the most in-demand occupations such as Software Development, Data Science and Cyber Security.

Office of the Government Chief Information Officer (OGCIO) - Hong Kong

Office of the Government Chief Information Officer (OGCIO) - Hong Kong

OGCIO supports the development of community-wide information technology infrastructure and setting of technical and professional standards to strengthen Hong Kong’s position as a world digital city.

Red Sift

Red Sift

Red Sift is the only integrated cloud email and brand protection platform, supporting organizations to secure their communications.

GV

GV

GV provides venture capital funding to bold new companies in the fields of life science, healthcare, artificial intelligence, robotics, transportation, cyber security and agriculture.

German Israeli Partnership Accelerator (GIPA)

German Israeli Partnership Accelerator (GIPA)

GIPA is based on two pillars: it is an incubator aimed at young academics and a program to transfer cybersecurity expertise to corporate partners.

Baker Donelson

Baker Donelson

Baker Donelson is a law firm with a team of more than 700 attorneys and advisors representing more than 30 practice areas including Data Protection, Privacy and Cybersecurity.

TekSek Cyber Security

TekSek Cyber Security

Preparing you for tomorrow's security threats.

Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE)

Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE)

CMMC COE is an IT-AAC sponsored public–private partnership that will be the focal point for entities seeking to achieve Cybersecurity Maturity Model Certification.

Force Majeure

Force Majeure

Force Majeure specializes in cybersecurity, incident response, and digital forensics, with experience spanning more than a decade.

Guernsey

Guernsey

Guernsey provides a wide range of engineering, architecture and consulting services to multiple markets, including cybersecurity consulting and CMMC certification.

International Cyber Threat Task Force (ICTTF)

International Cyber Threat Task Force (ICTTF)

The International Cyber Threat Task Force is a not-for-profit initiative promoting the ecosystem of an International independent non-partisan cyber security community.

Imprivata

Imprivata

Imprivata is the digital identity company for life- and mission-critical industries, redefining how organizations solve complex workflow, security, and compliance challenges.

TRM Labs

TRM Labs

TRM enables risk management and compliance for a global community of financial institutions, cryptocurrency businesses and government agencies.

HEAL Security

HEAL Security

HEAL Security is the global authority for cybersecurity data, research and insights across the healthcare sector.